Strauss Borrelli PLLC, a leading data breach law firm, is investigating Lessing’s Hospitality Group (“Lessing’s”) regarding its recent data breach. The Lessing’s data breach may have involved sensitive personal identifiable information belonging to an undetermined number of individuals.
ABOUT LESSING’S HOSPITALITY GROUP:
Lessing’s is a hospitality company based in New York. Founded in 1890, Lessing’s provides a range of hospitality and events services through their business divisions in catering and special events, their restaurant group, and their food service management division.3 Services provided by Lessing’s include catering for weddings, corporate galas, and private events; managing event properties and venues; operating a portfolio of dining concepts; partnering with schools, corporations, and private institutions to provide dining programs; and more.3 Headquartered in Great River, New York, Lessing’s employs over 1,000 individuals and operates over 100 locations across the Northeastern United States and Florida.3
WHAT HAPPENED?
Recently, Lessing’s reported to the Attorney General of Vermont that it had experienced a data breach in which sensitive personal identifiable information in its care may have been compromised. According to the breach notice, Lessing’s discovered suspicious activity involving an employee’s email account.1 As a result, Lessing’s launched an investigation to determine the nature of the incident.
Through its investigation, Lessing’s confirmed that the sensitive personal information in the affected email account may have been accessed by an unauthorized third party during the breach.1 As a result, Lessing’s began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. As of October 7, 2025, the type of information impacted in the breach has not been made publicly available by Lessing’s.¹ However, according to Vermont state reporting guidelines, “personal information” can include the following types of information:
- Name
- Social Security number
- Driver’s license or other government issued ID card numbers (e.g., individual taxpayer ID number, passport number, military ID card number)
- Financial account number or credit or debit card number
- Unique biometric data (e.g., fingerprint, retina or iris image, or other unique biometric representation)
- Genetic information
- Health record or records of a wellness program or similar program of health promotion or disease prevention (e.g., healthcare professional’s medical diagnosis or treatment of the consumer, health insurance policy number)
On October 3, 2025, Lessing’s began mailing data breach notification letters to impacted individuals. Based on the breach notice being sent to Vermont residents, Lessing’s is providing affected individuals with a list of the specific types of sensitive information impacted and complimentary credit monitoring services.1 A link to the letters that Lessing’s filed with the Attorney General of Vermont is below.
If you received a breach notification letter from Lessing’s Hospitality Group:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
