Saratoga Harness Racing, Inc. Data Breach

NOTICE: If you received a NOTICE OF DATA BREACH letter from Saratoga Harness Racing, Inc., contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options, or submit a confidential Case Evaluation form here.

On December 31, 2025, Saratoga Harness Racing, Inc. (“SHR”) reported a significant cybersecurity incident to the Maine Attorney General’s Office, later updating its report on January 30, 2025. According to the notice, SHR experienced a network disruption on November 1, 2024, which revealed that an unauthorized party had accessed consumers’ private and sensitive personal information. The breach has impacted approximately 5,501 individuals.

Recently, SHR began sending data breach notification letters to those affected by the Data Breach. Each notification letter includes complimentary access to credit monitoring and identity restoration services. If you received a data breach notification letter from SHR, it indicates that you were affected by the Data Breach. 

Headquartered in Saratoga Springs, New York, SHR operates Saratoga Casino and Hotel and has been hosting live harness racing for 84 years, making it one of the oldest and most established harness racing tracks in the United States. Drawing thousands of visitors annually, SHR conducts approximately 150 racing programs each year and generates an estimated $10 million in annual revenue.

WHAT INFORMATION IS INVOLVED IN THE SARATOGA HARNESS RACING, INC. DATA BREACH?

As the Data Breach was only recently announced, SHR has only disclosed very limited information so far. We are closely monitoring the ongoing investigation, and more details are expected to emerge as the company is required to notify all impacted individuals. 

Typically, the confidential information compromised in such cybersecurity incidents involves your name, date of birth, Social Security number, driver’s license information, government-issued ID number, financial information, as well as health insurance information and medical information. 

Collectively, this information is called your Personally Identifiable Information (“PII”). It tells others about you and is considered part of your identity. Businesses are required to secure this information or risk facing statutory penalties, among other legal penalties. Stolen PII can be used by identity thieves to engage in fraudulent activity using your identity. 

Personal medical information (a specific type of PII) is referred to as Protected Health Information (“PHI”). It is protected under both state and federal law. Healthcare providers and other businesses that handle PHI are required to protect that information. Like stolen PII, stolen PHI can be used by identity thieves to engage in fraudulent activity using your identity. Quite often, PII and PHI are used in conjunction by hackers.

The best way to protect yourself after a data breach is to sign up for credit and identity protection services as soon as possible. 

California offers extra protections and legal rights to its residents through the California Consumer Privacy Act (“CCPA”).

NOTICE: If you received a NOTICE OF DATA BREACH letter from Saratoga Harness Racing, Inc., contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options, or submit a confidential Case Evaluation form here.