North Los Angeles County Regional Center Data Breach Investigation
North Los Angeles County Regional Center has reported a data incident that may have involved highly sensitive personal and health information. Public regulatory information lists the matter as a hacking/IT incident, but several important details—including how many people were affected—have not been publicly disclosed in the materials reviewed here. If you received a notice or believe your information may have been involved, you should take practical steps to protect yourself and keep records. You can also fill out the form on this page to contact Strauss Borrelli PLLC and see whether you may qualify for a claim.
North Los Angeles County Regional Center is a California healthcare entity. The organization has posted a webpage titled “Notice of Data Incident” on its website. Publicly available materials reviewed for this article provide limited detail, so the summary below focuses on what appears in regulatory information and the company’s public posting.
Key Facts at a Glance
- Entity: North Los Angeles County Regional Center
- Industry: Healthcare
- Location: California
- Reported incident type: Hacking/IT incident
- Reported incident dates: State attorney general filings list November 20, 2024 and December 1, 2024
- Public listing date: June 30, 2026
- Information that may have been involved: Name, address, Social Security number, date of birth, driver’s license number, financial account number, health records, and health insurance information
- Number of affected individuals: Not publicly disclosed in the materials reviewed
- Notice date: Not stated in the materials reviewed
What Happened?
According to state attorney general filings in California and Massachusetts, the matter was reported as a hacking/IT incident and was publicly listed on June 30, 2026. Those filings identify two dates in late 2024, but the public materials reviewed here do not explain whether they mark the start and end of suspicious activity, internal system events, or another part of the investigation.
The organization’s website includes a page labeled “Notice of Data Incident,” but the detailed notice text was not available in the accessible source material reviewed for this article. Because of that limitation, key details remain unclear, including when the issue was discovered, how many people were affected, and whether identity-protection services were offered.
What Information Was Exposed?
Regulatory information indicates the reported incident may have involved several categories of sensitive data. The categories listed publicly include:
- Name and address
- Social Security number and date of birth
- Driver’s license number
- Financial account number
- Health records
- Health insurance information
If even part of that information was involved, the risks can include identity theft, fraudulent account activity, medical identity issues, and highly targeted phishing attempts. That is why it is important to treat any unexpected emails, calls, or letters referencing your benefits, health coverage, or financial accounts with extra caution.
What Should You Do Next?
- Keep all notices and related records. Save any letter or email you received, note the date it arrived, and keep screenshots of suspicious account activity or communications.
- Review your credit and consider added protections. Check your credit reports for unfamiliar activity, and consider placing a fraud alert or security freeze if you believe your Social Security number or other core identifiers may have been involved.
- Watch bank, benefits, and insurance statements closely. Look for charges, claims, or account changes you do not recognize, especially if financial or health information may have been part of the incident.
- Be alert for phishing. Criminals often use reported security incidents to make scam emails and phone calls seem more believable. Do not click unfamiliar links or share personal information unless you independently verify who contacted you.
- Ask questions and explore your legal options. The organization’s website lists publicinfo@nlacrc.org and (818) 245-5571 as contact information. If you want help understanding whether you may have a claim, you can also fill out the form on this page to contact Strauss Borrelli PLLC.
Your Legal Rights
If your personal, financial, or health information was involved, you may have legal rights depending on the facts of the incident and the law that applies to your situation. In plain terms, that can include the right to receive notice, ask what categories of information were involved, and seek relief if an organization did not use reasonable safeguards for sensitive data.
You do not need to figure that out alone. Keeping the notice, your credit-monitoring records, fraud reports, and any out-of-pocket losses can make it easier to evaluate whether you have a viable claim. Deadlines may apply, so acting sooner is usually better than waiting.
Why Hire Strauss Borrelli PLLC?
Strauss Borrelli PLLC represents people affected by data breaches and privacy incidents and understands how to evaluate notice letters, technical disclosures, and the real-world risks tied to sensitive personal and health information.
Our team works to identify what was reported, what protections may be available, and whether affected individuals may have claims worth pursuing. If you received a notice related to this reported incident or are concerned your information may have been involved, use the form on this page to request a free review.
If you received a breach notification letter from North Los Angeles County Regional Center:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.










