Heavy Hammer Data Breach Investigation — 22,717 People Notified
UpdatedJune 20, 2023
If you got a Heavy Hammer, Inc. notice, your name, financial account and bank card information may have been among the data exposed when the Annapolis marketing firm's database was breached in April 2023.
Heavy Hammer, Inc. is a company based in Annapolis, Maryland that offers technological marketing and media solutions for businesses. On June 6, 2023, Heavy Hammer sent notifications to 22,717 customers informing them that their sensitive data had been exposed in a breach of their database by an unknown hacker. The breach occurred on April 21, 2023, when an unauthorized third party broke into the Heavy Hammer database and accessed user data inappropriately.
The incident compromised internal servers of Heavy Hammer, Inc., which may have started as a phishing and then resulted in a ransomware attack that could have compromised 20,000+ consumers' sensitive information that was transmitted on one of the following websites:
Data breaches are serious matters that can cause long term damage. Hackers break into networks so that they can steal your personal information to sell it on the dark web, commit identity theft, financial theft or other frauds. The theft of sensitive, protected health information, and personally identifiable information can lead to a plethora of problems for individuals who are the victims of data breaches that occurred in databases they were not even aware of, such as in the case of the this data breach. The Heavy Hammer database was hacked and some of the following following personal information was accessed without authorization by potentially malicious bad actors:
• Routing Numbers,
• Names, routing numbers, financial account and bank card information belonging to Heavy Hammer customers.
• Contact Information,
• Financial Accounts,
• Bank Card Information.
StatusInvestigationmonitoring for a class action or settlement — nothing to file yet
People Notified22,717customers notified of the April 21, 2023 breach
Data ExposedFinancial · Bank Cardnames, routing numbers, financial account & bank card data
Proof RequiredYesthe data-breach notice letter from Heavy Hammer
What is Phishing and How Can Lead to Data Breaches?
Phishing is when bad guys pretend to be trustworthy and trick people into giving them sensitive information like passwords or credit card numbers. They do this through fake emails, messages, or websites. When people fall for it, malicious cyber-attackers can:
• Get into important accounts or systems.
• Take control of someone's account and misuse their information.
• Put harmful software on a person's device to steal information.
• Use stolen login details on other websites to cause more breaches.
• Once they have the information, the bad guys can steal money or pretend to be someone else.
To stay safe, be careful about sharing personal info online, double-check requests, and update passwords. Organizations can also teach people about phishing and use security measures to stop data breaches.
Data breaches can also result in a long-term erosion of personal data privacy, as the hacked personally identifiable information may be traded or shared amongst cyber-criminals for years to come, on the internet, the dark web, or elsewhere.. This significantly increases the risk of further identity theft, financial fraud and massive headaches for consumers and victims.
For more open class actions keep scrolling below.
More on Data Breach Settlements & Investigations
Bray International Data Breach Settlement: $45 cash or up to $3,000 documented losses for people in the April 2024 Bray International data incident. See who qualifies →
Urban One Data Incident Settlement: Up to $500 pro-rata cash (no proof) or $10,000 documented loss + 3 years credit monitoring for the March 2025 incident. Check the claim →
Union Bank & Trust MOVEit Data Breach Settlement: $100 cash or up to $10,000 documented loss + 2 years credit monitoring for people in UBT's 2023 MOVEit breach. Read more →
Hot Data Breaches Hub: Track every open data-breach settlement and investigation OCA is following right now. Browse breaches →