Obagi Medical Data Breach Investigation
Obagi Cosmeceuticals LLC dba Obagi Medical was identified in a Massachusetts regulatory filing dated May 12, 2026, relating to a reported data incident. Publicly accessible details are limited at this time, but the filing indicates certain sensitive personal information may have been involved. If you received a notice or believe your information may be affected, it is important to review your options and monitor for misuse. You can also fill out the form on this page to see whether you may qualify for a claim.
Obagi Cosmeceuticals LLC dba Obagi Medical is a California-based company in the pharmaceutical manufacturing industry. A Massachusetts Attorney General filing indicates the company reported a data incident in 2026, which may matter to people who shared personal information with the company.
Key Facts at a Glance
- Company: Obagi Cosmeceuticals LLC dba Obagi Medical
- Industry: Pharmaceutical Manufacturing
- Location: California
- Regulatory filing listed: Massachusetts Attorney General filing
- Notice date reported: May 12, 2026
- Public listing date: May 12, 2026
- Information that may have been involved: Name, Social Security number, and driver’s license number
- Affected population: Not publicly disclosed in the available structured data
- Incident date: Not publicly available from the accessible materials reviewed here
What Happened?
According to a Massachusetts Attorney General filing, Obagi Medical reported a data incident. Detailed information from the official notice is not publicly accessible at this time. The following summary is therefore based on the regulatory filing and the limited structured information currently available.
At this stage, publicly available materials do not clearly describe when the underlying event occurred, how it was discovered, or whether a third party was involved. If additional official notice details become available, those facts may provide a fuller timeline and a clearer explanation of what happened.
What Information Was Exposed?
The filing indicates that personal information may have included names, Social Security numbers, and driver’s license numbers. Because the full notice was not accessible for review, it is not yet clear whether every affected person had the same data elements involved or whether any additional categories of information were listed in the company’s notice.
These data types are sensitive because they can be used in identity theft, account fraud, or impersonation attempts. Even when misuse is not immediately apparent, people often benefit from taking precautionary steps to protect their credit and identity.
What Should You Do Next?
- Review any notice you received carefully. Check what the letter says about the information involved, the timing, and whether any protective services were offered.
- Consider placing a fraud alert or credit freeze. If Social Security number or driver’s license information may have been involved, a fraud alert or freeze can help reduce the risk of new-account fraud.
- Monitor your financial and credit activity. Watch bank accounts, credit card statements, insurance records, and credit reports for unfamiliar activity.
- Stay alert for phishing. After a reported data incident, scammers may send emails, texts, or calls that appear legitimate and ask for more personal information.
- Keep records. Save any notice letter, screenshots, account statements, and notes about suspicious activity. Good records can help if problems arise later.
- Ask about your legal options if you were notified. If you received a letter from Obagi Medical or believe your information may have been involved, you can contact us using the form provided on this page to see whether you may qualify for a claim.
Your Legal Rights
If your personal information was involved in a reported data incident, you may have legal rights depending on the facts, the state laws that apply, and whether you experienced actual misuse or a meaningful risk of harm. In some situations, affected individuals may seek remedies related to out-of-pocket losses, time spent addressing fraud concerns, or the value of credit and identity protection services.
You may also have the right to receive clear notice about what information was involved and what steps were taken in response. Because the publicly available details here are limited, it is important not to assume the same rights or claims apply to every person. A lawyer can help evaluate the specific notice you received and explain next steps in plain language.
Why Hire Strauss Borrelli PLLC?
Strauss Borrelli PLLC represents consumers in data breach and privacy matters and understands how to evaluate reported security incidents involving sensitive personal information. Our team focuses on clear communication, careful case review, and practical guidance for people trying to understand what a notice means and what options may be available.
If you received a notice connected to Obagi Medical, Strauss Borrelli PLLC can assess the publicly reported facts, review your situation, and help you understand whether you may have a claim. Filling out the form on this page is a simple way to get started.
If you received a breach notification letter from Obagi Medical:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
