What Happened
In 2025, Fujifilm Biotechnologies (a subsidiary of Fujifilm) suffered a significant data breach discovered around October 2025, where unauthorized actors accessed its systems, exposing sensitive personally identifiable information (PII) and protected health information (PHI) of approximately 1,675 to over 3,500 current and former employees, including names, Social Security numbers, addresses, dates of birth, driver’s license numbers, government-issued IDs, and health insurance details. The company reported the incident to state attorneys general (e.g., Massachusetts on October 23, Texas on October 24, New Hampshire on October 27), faced a federal class-action lawsuit filed November 7 by a former intern alleging negligence and delayed notifications, and responded by mailing notices to affected individuals with 24 months of complimentary credit monitoring via Epiq’s Privacy Solutions ID. Separately, the main Fujifilm corporation (fujifilm.com, Japan-based) was targeted in a ransomware attack by ShinyHunters around August 17, 2025 (claimed October 3), though specific data exposed and record counts remain unclear. No confirmed misuse has been reported, but affected parties are advised to monitor credit and enable security freezes.
