Dulcich Confirms Data Breach Affecting Over 40,000 Individuals

Seafood processing and distribution company Dulcich said the data security incident it suffered last year compromised the sensitive personal data of more than 40,000 individuals, including customers, employees, and business partners.

 

Based in Clackamas, Oregon, Dulcich is the parent company of Pacific Seafood Group, a major seafood business headquartered in the same city. Dulcich Inc. operates as a food processor and distributor, primarily focusing on seafood, while also managing a grape-growing division under the Pretty Lady Vineyards brand.

 

In a data security incident notice filed with the Office of Maine Attorney General, Dulcich said that on September 29, it identified unauthorised access within its internal network. The company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

It also took steps to secure the affected systems and notified relevant law enforcement authorities including the Federal Bureau of Investigation about the same.

 

“The investigation revealed that the unauthorised party gained access to our network between June 24, 2024, and June 25, 2024. On September 29, 2025, we determined that the unauthorised party may have accessed and attempted to acquire certain files that contained your personal information,” Dulcich said.

 

The compromised data included names and other personal identifiers including Social Security Numbers. The filing with the Maine state regulator’s office also states that Dulcich has identified at least 40,066 individuals affected by the incident.

 

While Dulcich found no evidence of the compromise data being misused, it has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and the state attorney general. 

 

It has also offered complimentary identity protection and credit monitoring services through  Experian IdentityWorksSM Credit 3B to all affected individuals.

 

At the time of publishing, no known hacker group claimed responsibility for the cyber attack on Dulcich. The seafood processing and distribution company also did not share details on who was behind the attack, how much data was compromised, or whether it has received a ransom demand.