What Happened in the Superior Drywall Data Breach?
Superior Drywall Inc., a non-union commercial drywall contractor based in Fall River, Massachusetts, has confirmed a data breach involving sensitive personal information. The Superior Drywall data breach stemmed from a ransomware attack that hit the company’s computer network in January 2026. According to the company’s breach disclosure, unauthorized attackers accessed the network and viewed files between Jan. 9 and Jan. 12, 2026.
Shortly after the intrusion, a ransomware group known as Safepay claimed responsibility for the attack. As a result, the group posted a claim on the Tor network on Jan. 24, 2026, stating it had obtained the company’s data. This public claim served as an early signal that files may have left the network without authorization.
Following that discovery, Superior Drywall launched a review of the affected documents. Because ransomware investigations often require detailed forensic analysis, this process took several months. On May 22, 2026, the company determined that personal information had likely been subject to unauthorized acquisition during the January intrusion. This finding led directly to the notification process that followed.
Who was affected?
The Superior Drywall data breach affected individuals whose personal information was stored on the company’s compromised network. Based on regulatory filings, 730 Massachusetts residents and six New Hampshire residents have been identified so far as affected. However, the total number of people impacted nationwide has not been publicly disclosed.
It remains unclear whether the affected individuals are current or former employees, customers, contractors, or another category of people connected to Superior Drywall’s operations. In addition, the source material does not specify whether minors are among those affected. Given the geographic focus on Massachusetts and New Hampshire, the exposure appears concentrated in the Northeast, though additional residents in other states could still come forward as the investigation continues.
What Information Was Potentially Exposed?
The breach exposed several categories of sensitive personal data. This combination of identifiers creates meaningful risk for those affected, since it includes both identity and financial information.
- Full names
- Driver’s license numbers
- Financial account information
- Social Security numbers
Because Social Security numbers were involved, affected individuals face an elevated risk of identity theft. Criminals can use this combination of data to open new credit accounts, file fraudulent tax returns, or apply for loans in someone else’s name. This type of fraud can be difficult to detect quickly, especially if the victim is not actively monitoring their credit.
Similarly, the exposure of financial account information raises concerns about direct financial fraud. For example, attackers could attempt unauthorized withdrawals or use account details for further phishing attempts. Meanwhile, driver’s license numbers can be used to create fake identification documents, which increases the risk of broader identity fraud beyond just financial accounts.
What is the company doing?
In response to the breach, Superior Drywall conducted a thorough review of the affected files to determine the scope of the incident. This review ultimately confirmed that personal information had been compromised. Following that determination, the company began notifying affected individuals and relevant state regulators.
As part of its ongoing response, Superior Drywall is offering 24 months of complimentary credit monitoring and identity protection through Experian IdentityWorks. Each affected individual received a unique activation code along with an enrollment deadline in their notification letter. In addition, the company has set up a dedicated toll-free response line at 888-500-5569 for anyone with questions about the incident, available Monday through Friday from 9 a.m. to 9 p.m. Eastern Time, excluding major U.S. holidays.
What Should Affected Individuals Do?
Enroll in the Free Credit Monitoring
Anyone who received a notification letter from Superior Drywall should enroll in the complimentary Experian IdentityWorks service right away. This protection can help detect suspicious activity tied to your identity before it causes serious harm.
Because the enrollment window has a deadline, it’s important to act quickly rather than setting the letter aside. Use the unique activation code provided in your letter to complete enrollment, and keep a copy of your confirmation for your records.
Consider a Credit Freeze or Fraud Alert
Given that Social Security numbers and financial account information were exposed, affected individuals should strongly consider placing a credit freeze with the three major credit bureaus. A freeze restricts access to your credit report, which makes it much harder for criminals to open new accounts in your name.
Alternatively, a fraud alert requires creditors to verify your identity before extending new credit. This option is less restrictive than a freeze but still adds an important layer of protection. Either step can significantly reduce your risk of becoming a victim of new-account fraud.
Monitor Your Financial Accounts Closely
Because financial account information was part of the exposed data, it’s wise to review your bank and credit card statements regularly. Look for any charges or withdrawals you don’t recognize, even small ones, since fraudsters sometimes test accounts with minor transactions first.
If you notice anything suspicious, report it to your financial institution immediately. Acting quickly can limit your liability and help stop further unauthorized activity before it escalates.
Stay Alert for Phishing Attempts
Following any data breach, scammers often use stolen information to craft convincing phishing emails, texts, or phone calls. As a result, affected individuals should be cautious of unexpected messages claiming to be from Superior Drywall, banks, or government agencies.
Never click on links or provide personal information in response to unsolicited messages. Instead, verify the sender’s identity through official channels before responding, and consider consulting a data breach attorney for a free case evaluation if you have concerns about your specific situation.
More Information
Official Data Breach Notification Letter (PDF)
