Terra Holdings, LLC Data Breach

On February 13, 2025, Terra Holdings, LLC (“Terra Holdings”) detected suspicious activity affecting certain systems within its network environment. Terra Holdings immediately launched an investigation with assistance from third‑party forensic specialists to determine the nature and scope of the event.

Following the investigation, Terra Holdings determined that files were accessed or taken without authorization between February 11, 2025, and February 13, 2025. Due to the complexity of the impacted data, investigators could not identify the affected individuals until January 26, 2026, at which point Terra Holdings confirmed there was sufficient information to issue direct notice.

On February 12, 2026, Terra Holdings mailed formal notification letters to people whose information may have been involved in the incident. Additional notices were also sent to regulators and national credit reporting agencies.

 is a prominent New York City-based real estate holding company founded in the mid-1990s, specializing in residential brokerage and property management.

According to the notice, the incident involved data stored on internal systems that may have contained sensitive information about certain individuals.

Upon discovering the event, Terra Holdings enhanced its internal cybersecurity practices, implemented additional safeguards, provided employee training, and notified federal law enforcement. Impacted individuals are being offered 12 months of complimentary credit monitoring and identity restoration services through Epiq at no cost.

If you received a Data Breach notification letter from Terra Holdings, it confirms that your personal information may have been accessed and/or acquired by an unauthorized party during the incident.

What information is involved in the Terra Holdings, LLC Data Breach?

Compromised information may include:

Your Personally Identifiable Information (PII) includes details that can be used to identify you, while prescription information may relate to sensitive health‑related data tied to your contact lens order. Organizations that maintain this information must take appropriate steps to safeguard it under state and federal data‑privacy requirements.

If Protected Health Information (PHI) was involved, the exposed data may include medical information protected under HIPAA and state privacy laws. PHI exposure increases the risk of medical fraud, insurance fraud, and unauthorized use of confidential health data.

Terra Holdings states it has no evidence of misuse of the information at this time. However, incidents involving SSNs, state IDs, and financial data are considered significantly high‑risk because the consequences of misuse may occur months or years after exposure.

Residents of California benefit from enhanced privacy protections under the California Consumer Privacy Act (CCPA), which provides additional rights regarding the collection, storage, and protection of personal information. California residents may also have additional legal remedies when personal data is compromised in a breach.

If your information was involved, it is strongly recommended that you enroll in the provided credit monitoring services and monitor financial statements, credit reports, and banking accounts for unusual activity.

Contact the Data Breach Attorneys at Emery | Reddy today for a Free Case Review.