CentreStack Data Breach Exposes Social Security Numbers and Driver’s License Numbers

Other Commercial data breach illustration
Breach Discovery: 6th December 2025Breach Notification: 23rd January 2026

What Happened in the CentreStack Data Breach?

The CentreStack data breach involved unauthorized access to files stored on CentreStack’s file-sharing platform. CentreStack is a product of Gladinet Inc. According to available records, the intrusion occurred on or about Dec. 6, 2025. A third party exploited a vulnerability in the platform to gain access to files without permission.

At this time, the specific vulnerability used in the attack has not been publicly identified. As a result, it remains unclear whether attackers exploited a previously known flaw or a new zero-day issue. This attack appears to be part of a broader campaign targeting Internet-exposed CentreStack servers. In several related cases, attackers left ransom notes and engaged in data-theft extortion.

The Clop ransomware group has a history of targeting secure file-transfer products. Security researchers suspect Clop is responsible for this wave of CentreStack attacks. However, official incident disclosures have not named any specific party responsible for the breach. Because of this, the attacker’s identity remains officially unconfirmed.

The breach first came to public attention through GiaCare, a customer that used CentreStack’s file-sharing services. GiaCare disclosed the incident on Jan. 23, 2026. This disclosure was made to the New Hampshire Attorney General’s office. So far, CentreStack itself has not released its own public disclosure about the incident.

Who was affected?

Because CentreStack has not issued its own notification, the full scope of affected individuals connected to the platform has not been publicly disclosed. What is known comes primarily from GiaCare’s disclosure, which suggests the breach affected individuals whose personal files were stored through GiaCare’s use of the CentreStack platform.

Given that GiaCare’s disclosure mentions driver’s license numbers and Social Security numbers, the affected population likely includes patients, clients, or other individuals whose sensitive records were stored on the system. Since CentreStack serves as a file-sharing platform for many organizations, other customers beyond GiaCare could also be impacted. However, no other affected organizations have come forward publicly at this time.

It also remains unclear whether the affected individuals are located in a single state or spread across the country. Because CentreStack provides services broadly, the geographic scope of affected individuals could extend well beyond New Hampshire, where GiaCare filed its notification. Anyone who interacted with an organization using CentreStack’s platform should stay alert for updates.

What Information Was Potentially Exposed?

According to GiaCare’s breach disclosure, several categories of sensitive personal information were exposed as a result of the CentreStack data breach. This information was stored in files hosted on the CentreStack platform before the unauthorized access occurred.

  • Full name
  • Driver’s license number
  • Social Security number

The exposure of Social Security numbers presents a serious risk to affected individuals. With a Social Security number, criminals can attempt to open new lines of credit, file fraudulent tax returns, or apply for loans in someone else’s name. Because Social Security numbers rarely change, this type of exposure can create risks that last for years, not just months.

In addition, exposed driver’s license numbers can enable identity thieves to create fake identification documents. This makes it easier for fraudsters to impersonate victims in person or online. When combined with a name and Social Security number, a driver’s license number gives criminals nearly everything needed to commit various forms of identity fraud. As a result, affected individuals should treat this exposure seriously.

What is the company doing?

As of this writing, CentreStack has not released its own public disclosure about the breach. Most of what is currently known comes from GiaCare, a customer of the platform, which filed its own notification with the New Hampshire Attorney General. This means affected individuals are currently relying on secondhand disclosures rather than direct communication from CentreStack.

Because official details remain limited, it is not yet clear what remediation steps CentreStack has taken to secure its platform. It also remains unknown whether CentreStack plans to offer credit monitoring or identity protection services directly. However, individuals who suspect they may be affected are encouraged to enroll in credit monitoring services on their own and remain vigilant. This includes regularly reviewing account statements and credit reports for suspicious activity.

What Should Affected Individuals Do?

Monitor Your Credit Reports Regularly

Affected individuals should request free copies of their credit reports and review them carefully. Look for unfamiliar accounts, inquiries, or changes to your personal information. Because Social Security numbers were involved in this breach, ongoing monitoring is especially important.

You can access free credit reports from the three major credit bureaus. Reviewing your reports every few months, rather than just once, helps you catch fraudulent activity early. If you notice anything suspicious, report it to the credit bureau immediately.

Consider a Fraud Alert or Credit Freeze

Because this breach exposed Social Security numbers and driver’s license numbers, placing a fraud alert or credit freeze is a smart precaution. A fraud alert requires lenders to verify your identity before opening new credit in your name. A credit freeze goes further by blocking access to your credit file entirely.

To set up a freeze, you will need to contact each of the three major credit bureaus separately. While a freeze can feel inconvenient if you plan to apply for credit soon, it offers strong protection against identity thieves. For this reason, many security experts recommend freezing your credit after any breach involving Social Security numbers.

Watch for Phishing Attempts

After a data breach, scammers often use stolen information to craft convincing phishing emails or text messages. Because your name may now be linked to other stolen details, be cautious of unexpected messages asking you to verify personal information. Never click links or download attachments from unfamiliar senders.

Instead, if you receive a suspicious message claiming to be from a bank, government agency, or CentreStack-related organization, contact that organization directly using a verified phone number or website. This helps you confirm whether the message is legitimate. Staying skeptical of unsolicited requests for personal data is one of the best defenses against follow-up scams.

Protect Against Driver’s License Fraud

Because your driver’s license number may have been exposed, consider contacting your state’s Department of Motor Vehicles to ask about additional protections. Some states allow you to flag your license for potential fraud or request a new number if misuse is suspected. This step can help prevent someone from using your identification to commit fraud.

In addition, keep an eye out for unexpected mail related to vehicle registrations, tickets, or loans you did not apply for. These could be signs that someone is using your driver’s license number fraudulently. If you notice anything unusual, report it to your local DMV and law enforcement right away.



More Information

Official Notice from Centrestack

Official Notice from Bleepingcomputer

Related Data Breaches