On or about May 22, 2025, Davies, McFarland & Carroll (“DMC”) detected that an unauthorized party gained access to its internal network. The company immediately launched an investigation with external cybersecurity experts and legal counsel. After a thorough forensic review, DMC determined on September 25, 2025, that certain files containing personal information were stored in the impacted systems and may have been accessed between May 19, 2025, and May 22, 2025.
While there is no evidence that medical information has been misused, DMC is notifying affected individuals and offering 12 months of complimentary credit monitoring through Cyberscout, a TransUnion company specializing in fraud assistance.
Davies, McFarland & Carroll is a Pittsburgh-based defense litigation law firm with a history of over 150 years. The firm specializes in various areas, including business and commercial litigation, insurance defense, and workers’ compensation.
Following the breach, DMC implemented enhanced security measures and continues to monitor its systems.
If you received a Data Breach notification letter from DMC, it confirms that your information was potentially impacted.
What information is involved in the Delta Dental of Virginia Data Breach?
Compromised information may include:
First Name
Last Name
Social Security Number
Medical Information
Health Insurance Details
Your Personally Identifiable Information (PII) includes details that can identify you, and organizations are legally obligated to safeguard this data. Failure to do so can result in statutory fines and other legal consequences. If PII is stolen, it may be exploited by criminals to commit identity fraud.
A specific category of PII is Protected Health Information (PHI), which pertains to personal medical data. PHI is protected under federal and state regulations. Entities such as healthcare providers and businesses that manage PHI must ensure its security. Just like PII, compromised PHI can be misused by identity thieves, and it’s common for cybercriminals to use both types of information together.
If your data has been exposed in a breach, one of the most effective steps you can take is to enroll in credit and identity monitoring services promptly.
Residents of California benefit from enhanced privacy rights under the California Consumer Privacy Act (CCPA) and medical privacy protections under the Confidentiality of Medical Information Act (CMIA). These laws grant additional rights and remedies for breaches involving personal and medical data.
If you received a NOTICE OF DATA BREACH letter from DMC, your personal, financial, and/or medical information may be at risk. This type of data can be exploited by identity thieves to commit fraud and other crimes.
Contact the Data Breach Lawyers at Emery | Reddy, PC for a Free Case Review today.