NCH Corporation Data Breach Investigation
Strauss Borrelli PLLC, a leading data breach law firm, is investigating NCH Corporation (“NCH”) regarding its recent data breach. The NCH data breach involved sensitive personal information belonging to an undetermined number of individuals.
ABOUT NCH CORPORATION:
NCH is an industrial maintenance and solutions company based in Texas. Founded in 1919 as the National Disinfectant Company, NCH provides industrial and commercial businesses with a range of maintenance and cleaning solutions and products, including water treatment and remediation, plumbing, drain cleaners, lubricants, specialty chemical solutions, and more.2,3,4 Headquartered in Irving, Texas, NCH employs over 7,500 individuals an operates manufacturing plants across six continents.3
WHAT HAPPENED?
Recently, NCH announced that it had experienced a data breach in which sensitive personal identifiable information in its care may have been compromised. According to the breach notice shared on its website, NCH became aware that an unauthorized actor leveraged a previously unknown vulnerability in Oracle’s E-Business Suite (“Oracle EBS”), which NCH uses to manage operations, to take information from numerous organizations’ Oracle EBS applications.1 As a result, NCH launched an investigation to determine the nature of the incident.
Through its investigation, NCH confirmed that sensitive personal information in its Oracle EBS application may have been accessed and acquired by an unauthorized third party in mid-August. As a result, NCH began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Date of birth
- Benefits election information
As a result of the breach, NCH posted notice of the breach on its website. Additionally, on December 5, 2025, NCH began mailing data breach notification letters to impacted individuals. Based on the breach notice sent to Maine residents, NCH is providing affected individuals with a list of the specific types of sensitive information impacted and 12 months of complimentary credit monitoring services. A link to the website breach notice is below.
If you received a breach notification letter from NCH Corporation:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
