On March 10, 2025, Cardi’s Department Store Inc. d/b/a Cardi’s Furniture and Mattress (“Cardi’s”) filed a notice of data breach with the Attorney General of Massachusetts after discovering that information in the company’s possession was subject to unauthorized access. In this notice, Cardi’s explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their name, Social Security number, financial account information, and driver’s license number. Upon completing its investigation, Cardi’s Furniture and Mattress began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from Cardi’s Furniture and Mattress, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the Cardi’s Furniture and Mattress data breach. For more information, please see our recent piece on the topic here.
What Caused the Cardi’s Furniture and Mattress Data Breach?
The Cardi’s Furniture and Mattress data breach was only recently announced, and more information is expected in the near future. However, at this early point, Cardi’s filing with the Attorney General of Massachusetts provides only limited information on what led up to the breach. Further, Cardi’s does not appear to have posted a website notice or issued a press release discussing the incident.
Based on the available information, we know that Cardi’s recently completed an investigation into a potential data security incident. Ultimately, Cardi’s investigation confirmed that an unauthorized party was able to access confidential information that had been provided to the company.
Notably, while it may be the case that Cardi’s Furniture and Mattress was the subject of a cyberattack, it’s also possible that Cardi’s is reporting a third-party data breach that occurred at one of the company’s vendors or partners.
Regardless, after learning that sensitive consumer data was accessible to an unauthorized party, Cardi’s Furniture and Mattress reviewed the compromised files to determine what information was leaked and which consumers were impacted. Cardi’s recently completed this process and, while the breached information varies depending on the individual, it may include your name, Social Security number, financial account information, and driver’s license number.
On March 10, 2025, Cardi’s Furniture and Mattress sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About Cardi’s Furniture and Mattress
Cardi's Furniture & Mattress is a family-owned furniture and mattress retailer offering a wide selection of home furnishings, mattresses, and décor. Headquartered in Swansea, Massachusetts, the company serves customers throughout Rhode Island, Massachusetts, and New Hampshire with multiple showroom locations and an extensive online store. The organization employs approximately 500 people and generates an estimated $150 million in annual revenue.
