Strauss Borrelli PLLC, a leading data breach law firm, is investigating Aquarium of the Pacific regarding its recent data breach. The Aquarium of the Pacific data breach may have involved sensitive personal identifiable information belonging to an undetermined number of individuals.
ABOUT AQUARIUM OF THE PACIFIC:
Aquarium of the Pacific is a non-profit aquarium company based in California. Founded in 1998, Aquarium of the Pacific displays approximately 12,000 animals and more than 100 exhibits centered around the marine life of the Pacific Ocean.3 Headquartered in Long Beach, California, Aquarium of the Pacific employs over 200 individuals.3
WHAT HAPPENED?
Recently, Aquarium of the Pacific reported to the Attorney General of Vermont that it had experienced a data breach in which sensitive personal identifiable information in its care may have been compromised. According to the breach notice, on June 3, 2025, Aquarium of the Pacific discovered unusual activity in an employee’s email account.1 As a result, Aquarium of the Pacific launched an investigation to determine the nature of the incident.
Through its investigation, Aquarium of the Pacific confirmed that the sensitive personal information within the employee’s email account may have been accessed and acquired by an unauthorized third party between April 19 and June 3, 2025.1 As a result, Aquarium of the Pacific began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. On September 12, 2025, Aquarium of the Pacific completed this review. As of September 29, 2025, the type of information impacted in the breach has not been made publicly available by Aquarium of the Pacific.¹ However, according to Vermont state reporting guidelines, “personal information” can include the following types of information:
- Name
- Social Security number
- Driver’s license or other government issued ID card numbers (e.g., individual taxpayer ID number, passport number, military ID card number)
- Financial account number or credit or debit card number
- Unique biometric data (e.g., fingerprint, retina or iris image, or other unique biometric representation)
- Genetic information
- Health record or records of a wellness program or similar program of health promotion or disease prevention (e.g., healthcare professional’s medical diagnosis or treatment of the consumer, health insurance policy number)
On September 25, 2025, Aquarium of the Pacific began mailing data breach notification letters to impacted individuals. Based on the breach notice being sent to Vermont residents, Aquarium of the Pacific is providing affected individuals with a list of the specific types of sensitive information impacted and complimentary credit monitoring services. 1 A link to the letters that Aquarium of the Pacific filed with the Attorney General of Vermont is below.
If you received a breach notification letter from Aquarium of the Pacific:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
