What Happened in the Applied Natural Gas Fuels Data Breach?
Applied Natural Gas Fuels Inc., also known as Applied LNG, disclosed a data breach that exposed sensitive personal information belonging to at least one New Hampshire resident. The company is a major producer and distributor of liquefied natural gas and renewable LNG in the United States. According to its official filing, the Applied Natural Gas Fuels data breach involved unauthorized access to systems containing personally identifiable information.
The company first discovered the breach on Dec. 22, 2025, after identifying suspicious activity within its network. As a result, Applied LNG launched an incident response investigation to determine the scope of the intrusion. The source does not specify the exact method the attacker used to gain access.
By Feb. 20, 2026, the investigation confirmed that certain personal data had indeed been compromised. Following this determination, the company began notifying affected individuals. Applied LNG then formally disclosed the incident to the New Hampshire Attorney General’s office on Feb. 26, 2026.
Because the investigation took roughly two months to complete, forensic specialists likely needed time to review which systems were accessed. This is a common step in breach investigations. However, the source does not detail additional specifics about the forensic process beyond the confirmed compromise of personal data.
Who was affected?
The breach notification confirms that at least one New Hampshire resident was affected. However, the total number of individuals impacted nationwide has not been publicly disclosed. This means the true scope of the Applied Natural Gas Fuels data breach could be much larger than the single confirmed case.
Given that Applied LNG operates as a national producer and distributor, affected individuals could include current or former employees, contractors, customers, or other individuals whose data the company maintained. The notification letter does not specify whether the exposed information belonged primarily to employees or another group. As a result, anyone who received a notification letter from the company should treat it as a confirmed indication that their data was involved.
What Information Was Potentially Exposed?
According to the official disclosure, the attacker may have accessed and potentially acquired several categories of sensitive personal data. This information is highly sensitive because it can be used to impersonate victims or commit various forms of fraud.
- Full names
- Social Security numbers
- Passport numbers
- Driver’s license numbers
Because Social Security numbers were involved, affected individuals face a heightened risk of identity theft. Criminals can use stolen Social Security numbers to open new credit accounts, file fraudulent tax returns, or apply for loans in someone else’s name. In addition, this type of fraud can take months or even years to fully unwind.
The exposure of passport and driver’s license numbers adds another layer of risk. For example, these documents are often used as identity verification for government services, travel, and financial transactions. Consequently, someone with access to this combination of data could potentially create fraudulent identification documents or bypass identity checks at financial institutions.
What is the company doing?
Once Applied LNG confirmed that personal data had been compromised, the company began notifying affected individuals directly. In addition, it formally reported the incident to the New Hampshire Attorney General as required by state law. This notification included details about the type of data involved and guidance for next steps.
As part of its ongoing response, Applied Natural Gas Fuels is offering twelve months of complimentary identity protection services through Iris Identity Monitoring. This service includes one-bureau credit monitoring from Equifax, identity monitoring, identity theft restoration assistance, an insurance reimbursement policy, and access to a dedicated call center. The company is encouraging affected individuals to enroll within ninety days of receiving their notification letter.
Furthermore, the notification letter provides instructions on obtaining free credit reports, placing fraud alerts, and applying security freezes with the major credit bureaus. This guidance also includes contact information for relevant agencies that can offer additional support to affected individuals.
What Should Affected Individuals Do?
Monitor Your Credit Reports Closely
Affected individuals should request and review copies of their credit reports from all three major credit bureaus. Because Social Security numbers were exposed, criminals could attempt to open new accounts using stolen identities. Regularly checking your credit report helps you catch unauthorized activity early.
You can request a free credit report annually from each bureau through the official government-authorized website. In addition, many credit card issuers now offer free credit monitoring tools. Reviewing these reports every few months, rather than just once, gives you a better chance of spotting fraud quickly.
Place a Fraud Alert or Credit Freeze
Given that Social Security numbers, passport numbers, and driver’s license numbers were all involved, placing a security freeze on your credit files is strongly advisable. A credit freeze restricts access to your credit report, which makes it much harder for identity thieves to open new accounts in your name.
Alternatively, a fraud alert requires creditors to take extra steps to verify your identity before granting new credit. This option is faster to set up and still provides meaningful protection. You can contact any one of the three major credit bureaus to place either a freeze or an alert, since they are required to notify the other two.
Enroll in the Identity Protection Services Offered
Applied Natural Gas Fuels is providing twelve months of free identity protection through Iris Identity Monitoring to those affected. This service includes credit monitoring, identity restoration support, and an insurance reimbursement policy. Therefore, affected individuals should take advantage of this offer as soon as possible.
To enroll, follow the specific instructions included in your notification letter. Because the company recommends enrolling within ninety days, it’s best not to delay. This service can help detect suspicious activity faster than monitoring on your own.
Watch for Phishing and Suspicious Communications
After a data breach, scammers often send phishing emails or texts pretending to be from the breached company or a credit bureau. As a result, affected individuals should be cautious of any unsolicited messages asking for personal information or login credentials.
Always verify the sender before clicking links or providing information. If you receive a suspicious message, contact the company directly using a phone number or website you already know is legitimate. This extra step can prevent you from becoming a victim of a secondary scam tied to the original breach.
Report Suspected Identity Theft Promptly
If you notice any signs of fraud, such as unfamiliar accounts or unexpected credit inquiries, report the activity immediately. You should contact local law enforcement, the Federal Trade Commission, and your state’s consumer protection office.
Filing a report creates an official record that can help you dispute fraudulent charges or accounts later. In addition, consulting a data breach attorney can help you understand whether you may be eligible for compensation. An attorney can offer a free case evaluation and explain your legal options given the specific data exposed in this incident.
More Information
Official Notice from Appliedlng
Official Data Breach Notification Letter (PDF)
