Georgia Heritage FCU Data Breach Investigation
According to a filing with the Maine Attorney General, Georgia Heritage Financial Credit Union reported a hacking-related data incident involving personal information. The filing indicates written notices were sent on January 15, 2026, and that identity protection services were offered. If you received a notice, it is important to review your credit, watch for suspicious activity, and keep copies of any communications you receive. You can also fill out the form on this page to see whether Strauss Borrelli PLLC can help evaluate your potential claim.
Georgia Heritage Financial Credit Union is a Georgia-based financial institution with a mailing address in Savannah, Georgia, according to the Maine Attorney General filing. As a credit union, it provides banking and related financial services to its members.
Key Facts at a Glance
According to a filing with the Maine Attorney General and the structured incident data provided for this post:
- Entity: Georgia Heritage Financial Credit Union
- Industry: Financial services / credit union
- Reported incident type: External system breach described as hacking
- Reported incident date: January 25, 2025
- Reported discovery date: February 10, 2025
- Reported notice date: January 15, 2026
- Reported affected population: 43,077 individuals, including 18 Maine residents
- Information that may have been involved: Name, Social Security number, date of birth, passport number, health records, and health insurance information
- Identity protection: The filing says 12 months of identity theft protection services were offered
- Public listing date: April 17, 2026
What Happened?
According to the Maine filing, the credit union reported an external system breach categorized as a hacking incident. The filing lists January 25, 2025 as the date the event occurred and February 10, 2025 as the date it was discovered. It also states that written notice was sent to affected consumers on January 15, 2026. Publicly available details appear limited, so the filing does not fully explain how the intrusion happened, how long any access may have lasted, or which systems were reviewed during the investigation.
What Information Was Exposed?
The structured incident data provided for this matter lists the potentially affected categories as name, Social Security number, date of birth, passport number, health records, and health insurance information. If those categories were involved, the combination could create risks that go beyond ordinary spam or phishing, including identity theft, fraudulent account activity, tax-related misuse, or misuse of medical and insurance information. Because public summaries can be brief, affected individuals should review any notice they received for the most specific description of the data tied to their own situation.
What Should You Do Next?
- Save the notice you received. Keep the letter or email, note the date it arrived, and preserve any claim number or enrollment code for identity protection services.
- Enroll in the offered protection if it is useful to you. The Maine filing says 12 months of identity theft protection services were offered, and enrollment deadlines can matter.
- Review your financial and medical accounts. Check bank, credit card, and loan activity, and look at health insurance explanations of benefits for charges or services you do not recognize.
- Check your credit reports and consider extra protections. You can request free credit reports and decide whether a fraud alert or credit freeze makes sense for your situation.
- Change passwords and stay alert for phishing. If you reused passwords anywhere, update them and turn on multi-factor authentication where available. Be cautious with calls, texts, or emails that reference this incident.
- Document suspicious activity promptly. If you see signs of misuse, keep screenshots, account statements, and correspondence. The public filing lists (786) 558-2100 as a contact number for the submission.
- Ask about your legal options. If you received a notice and want to understand whether you may have a claim, contact Strauss Borrelli PLLC using the form provided on this page.
Your Legal Rights
If your personal information was involved in a reported security incident, you may have legal rights depending on the facts and the laws that apply. In data incident matters, lawyers often examine whether reasonable safeguards were in place, whether the organization responded appropriately after discovering the issue, and whether notice was provided in a legally sufficient manner. In some cases, affected individuals may seek recovery for out-of-pocket losses, time spent addressing the problem, or other harm recognized by law. This page is general information only, and your specific rights can depend on where you live and what information may have been involved.
Why Hire Strauss Borrelli PLLC?
Strauss Borrelli PLLC represents individuals in data breach and privacy matters and investigates whether organizations used reasonable measures to protect sensitive information. Our team follows public filings closely, explains reported incidents in plain English, and helps people understand what steps may make sense after a notice arrives. If you received a Georgia Heritage Financial Credit Union notice, we can review the available facts, discuss possible next steps, and help you decide whether you want to pursue a claim.
Find out if you qualify for compensation
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
Frequently Asked Questions
Did Georgia Heritage Financial Credit Union report a data incident?
According to a filing with the Maine Attorney General, Georgia Heritage Financial Credit Union reported an external system breach described as hacking. The filing lists a January 25, 2025 incident date and says written notices were sent on January 15, 2026.
What information may have been involved in the Georgia Heritage Financial Credit Union incident?
The structured incident data for this matter lists name, Social Security number, date of birth, passport number, health records, and health insurance information as categories that may have been involved. Affected individuals should review their own notice for the most specific description tied to them.
How many people were reportedly affected?
The Maine Attorney General filing reports 43,077 affected individuals in total, including 18 Maine residents.
Were identity theft protection services offered?
Yes. According to the Maine filing, identity theft protection services were offered for 12 months.
What should I do if I received a notice from Georgia Heritage Financial Credit Union?
If you received a notice, save it, enroll in any offered protection before the deadline, review your credit reports and account activity, and watch for suspicious financial or medical use of your information. You can also contact Strauss Borrelli PLLC to ask about your legal options.
