Barrett-Jackson auction company reports data breach
Learn More
The Barrett-Jackson Auction Company, a Scottsdale-based collector car auction house, is reporting a data breach that compromised the personal information of thousands of customers and employees.
The incident occurred on or around November 25, 2024, but was not reported to affected individuals and government regulators until late July 2025.
Barrett-Jackson reports that the incident impacted "some of the devices" within the company's network. The investigation concluded that certain files were copied during the breach.
Exposed data includes:
- Names and addresses
- Social Security numbers
- Driver's license numbers and passport numbers
- Financial account information including bank account and routing numbers
- Credit and debit card information
- COVID-19 vaccine details or results
- Health insurance information
- Digital signatures and authentication data
The nature of the attack and the total number of affected individuals is not disclosed. So far reported are 1,794 affected individuals in Texas, 65 in Maine, and 83 in New Hampshire. Barrett-Jackson is offering twelve months of complimentary credit monitoring services.
Barrett-Jackson largely completed its review of the compromised files on July 1, 2025 and started sending formal notifications on July 31, 2025.
The company is facing multiple class action lawsuits that allege that Barrett-Jackson took too long to reveal the breach and did not provide sufficient information about the incident, including failing to state how the breach occurred or whether the cybersecurity threat was contained.
