Kaplan Data Breach Exposes Over 230,000 Social Security and Driver’s License Numbers
What Happened — In the fall of 2025, threat actors gained unauthorized access to Kaplan’s internal servers for roughly three weeks (Oct 30 – Nov 18). During that window they copied files containing names, Social Security numbers and driver’s license numbers, affecting more than 230,000 individuals across seven U.S. states.
Why It Matters for TPRM —
- Personal identifiers (SSNs, DLNs) are high‑value data that can fuel identity theft and fraud.
- Kaplan’s extensive footprint (27 countries, 15,000 corporate clients) means the breach could cascade to downstream vendors and partners.
- Ongoing class‑action litigation signals heightened regulatory and reputational risk for any organization that relies on Kaplan’s services.
Who Is Affected — Education and professional‑development sector; corporate clients using Kaplan’s employee‑training platforms; any third party that integrates with Kaplan’s data pipelines.
Recommended Actions —
- Verify whether your organization transmits personal data to Kaplan and assess the exposure.
- Request evidence of Kaplan’s post‑incident remediation (e.g., enhanced network segmentation, MFA, monitoring).
- Update contractual clauses to require breach notification within 24 hours and enforce data‑handling standards.
Technical Notes — The intrusion was discovered after law enforcement was notified; no specific malware, phishing campaign, or vulnerability was publicly identified, and no hacking group claimed responsibility. Stolen data includes names, Social Security numbers and driver’s license numbers.
Source: The Record