JC Resorts, LLC Data Breach

On or about January 19, 2026, JC Resorts LLC (“JC Resorts”) became aware of unauthorized activity involving its computer network. According to the Notice of Data Event, JC Resorts promptly launched a response with the assistance of outside cybersecurity specialists to secure its systems and investigate the nature and scope of the incident.

The investigation determined that certain files stored within JC Resorts’ network were viewed and copied by an unauthorized actor on January 19, 2026. Following this finding, JC Resorts conducted a comprehensive review of the affected files to determine what information was involved and which individuals were impacted. This review was recently completed, allowing JC Resorts to identify affected individuals and issue notification letters.

JC Resorts reported that it moved quickly to assess the security of its systems, notify federal law enforcement, and evaluate additional safeguards. As part of its response, the company is implementing enhanced security measures and providing additional employee training designed to reduce the risk of similar incidents in the future.

JC Resorts LLC is a hospitality company headquartered in La Jolla, California, operating luxury resort properties and related services.

At the time of notification, JC Resorts stated that it had no evidence of identity theft or fraud resulting from the incident. However, the investigation confirmed that unauthorized access to files containing personal information did occur.

Individuals whose information may have been impacted began receiving written notification letters on or about April 28, 2026, including notice to at least one Maine resident. If you received a Notice of Data Event from JC Resorts LLC, it confirms that some of your personal information was present within the affected files.

As part of its response, JC Resorts is offering affected individuals twenty-four (24) months of complimentary credit monitoring and identity protection services through Experian IdentityWorks, provided enrollment is completed by the stated deadline in the notification letter.

What information is involved in the JC Resorts, LLC Data Breach?

Compromised information may include:

The specific data elements involved may vary by individual and are detailed in each personalized notification letter sent by JC Resorts.

Your Personally Identifiable Information (PII) includes sensitive details—such as your name and Social Security number—that can be used to identify you or commit fraud. Organizations that collect and maintain this information are legally obligated to protect it. When PII is exposed in a data breach, it may be used for identity theft, tax fraud, financial fraud, or other forms of misuse.

Because Social Security numbers are considered highly sensitive, affected individuals may face an increased risk of long-term identity theft and fraud. Criminals can use this information to open fraudulent accounts, file fake tax returns, or impersonate individuals for financial gain.

If your information was involved in this incident, it is important to remain vigilant. Impacted individuals are encouraged to regularly review financial account statements and credit reports for suspicious activity. JC Resorts also recommends following the guidance included in the notification letter, which outlines steps such as enrolling in credit monitoring, placing fraud alerts or credit freezes, and obtaining free annual credit reports.

Consumers may have legal rights when companies fail to adequately safeguard sensitive personal information. These rights vary by state and may depend on the type of data exposed and the circumstances surrounding the breach.

If you received a Notice of Data Event / Notice of Data Breach related to JC Resorts LLC, your personal information, including your Social Security number, may be at risk.

Contact the Data Breach Attorneys at Emery | Reddy today for a Free Case Review.