Service Lighting, Inc. Data Breach

In March 2026, Service Lighting, Inc. issued a notice regarding a significant data breach that affected customers who made purchases through the company’s e‑commerce website. The company discovered that malicious code had been inserted into its online checkout system, capturing payment card information entered by customers between March 12, 2025 and September 16, 2025.

Once Service Lighting identified the issue, the company launched a prompt investigation and engaged external cybersecurity experts to determine the extent of the compromise. On February 2, 2026, investigators confirmed that payment card information from certain transactions may have been accessed or acquired by unauthorized actors.

Service Lighting, Inc. is a lighting distributor established in 1951, based in Maple Grove, Minnesota.

Service Lighting, Inc. continues to evaluate and adjust its security measures to safeguard customer information and prevent similar issues in the future. The company notified law enforcement as well as affected individuals through mailed letters.

Service Lighting is providing detailed consumer guidance, including actions to monitor accounts, implement fraud alerts, and place security freezes with the major credit bureaus. These protective steps were described in the notification packet sent to impacted individuals.

If you received a Data Breach Notification Letter from Service Lighting, Inc., it confirms your information may have been exposed.

What information is involved in the Service Lighting, Inc. Data Breach?

Compromised information may include:

This financial information is highly sensitive and can be used by cybercriminals to commit fraud, make unauthorized purchases, or attempt to open fraudulent accounts.

Your Personally Identifiable Information (PII) may be used by cybercriminals to commit identity theft or fraud—including opening unauthorized accounts, impersonating individuals, or conducting other malicious activity.

A specific category of PII is Protected Health Information (PHI)—medical‑related data protected under federal and state privacy laws. Because Cantata provides healthcare technology services, compromised PHI may be especially valuable to cybercriminals and can be misused in combination with PII. 

The company recommends monitoring payment card activity, requesting new card numbers if necessary, reviewing credit reports, and remaining alert for suspicious transactions. Detailed instructions for placing fraud alerts, initiating credit freezes, and contacting consumer protection agencies were included in the mailed breach notice.

Residents of California benefit from additional privacy protections under the California Consumer Privacy Act (CCPA), which grants enhanced rights regarding personal data. California residents may also have additional protections under state consumer-privacy regulations.

If you received a NOTICE OF DATA BREACH letter from Service Lighting, Inc., your financial information may be at risk and could be misused for identity theft or fraud.

Contact the Data Breach Attorneys at Emery | Reddy today for a Free Case Review.