Breach at Wis. Transportation Company Exposes Sensitive Data
Wisconsin-based transportation, logistics, and warehousing firm WEL Companies suffered a data breach nearly a year before alerting stakeholders, a law firm investigating the incident said Thursday. Multiple states also recently reported the breach.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
WEL began notifying affected individuals Nov. 19, despite the breach having occurred in January. This delay "may have violated state and federal laws,” said Schubert Jonckheer, which is examining the breach on behalf of potential victims.
Data involved in the breach included names, Social Security numbers and either driver’s license or state ID numbers, the firm said.
In a sample notification letter to Maine residents Wednesday, WEL said it “immediately took steps to secure its digital environment and engaged a leading, independent, cybersecurity firm to conduct an investigation,” in response to "unusual activity on its network."
The investigation found “that certain data stored on WEL systems may have been accessed or acquired without authorization and that certain individuals’ personal information may reside in the potentially affected data,” the letter added.
The Maine attorney general’s office reported on Wednesday that 515 of the total 122,960 parties impacted were state residents. Also on Wednesday, the attorney general's offices in New Hampshire and California reported the incident. South Carolina reported it Thursday, with its own sample letter that said "the investigation determined certain files were acquired without authorization on March 28, 2025."
WEL Companies could not be reached for comment by our deadline.