Chime Faces Three Lawsuits Over April 1 Breach Claims — Chime Data Theft Allegations
Three proposed class actions accuse Chime of an April 1 breach, and the chime data theft allegations center on stolen Social Security numbers and other personal data. The lawsuits were filed after a service outage that locked customers out of balances, transfers and logins for hours. Chime said during the incident that customer money and information were safe.
April 1 outage at Chime
Chime Financial’s mobile app went down shortly before 1 p.m. Eastern time on April 1. DownDetector showed 6,647 problem reports against a baseline of four.
Customers could not log in, view balances or send money during the disruption. Chime told customers on its status page that “the money in your account and your personal information are secure,” and its website said “the threat actor did not steal any data.”
Team 313 breach claims
The complaints say a pro-Iranian hacker group called Team 313 breached Chime’s systems on April 1. Team 313 posted on its leak site that it “launched a massive cyberattack targeting the servers of Chime,” and said the attack lasted an hour.
The lawsuits allege that attackers stole Social Security numbers, dates of birth, government-issued IDs and other personal information from customers. The complaints also rely on reporting from Newsweek and, a Team 313 post and a March 2026 threat advisory from cybersecurity firm Hawkeye.
Customer claims in court
Three proposed class actions were filed in the following month in the U.S. District Court for the Northern District of California. Law firm Strauss Borrelli filed the first complaint two days after the outage, and two more firms followed within two weeks.
The named plaintiffs include Cindy Castaneda, Lauren Goodloe, Michael Walsh and Melissa Porter. Castaneda and Goodloe said they could not see their account balances during the outage. Goodloe said she worried about a late rent payment. Walsh said he received a bank alert about an attempted unauthorized credit card charge, and he said he later received a notice that his information had appeared on the dark web. Porter described fear, anxiety and the time she spent monitoring her accounts.
As of May 4, Chime had not filed a notice of a material cybersecurity incident with the SEC. The SEC adopted a cybersecurity-disclosure rule in 2023 that requires a current report within four business days after a company determines an incident is material. The filings leave the main factual split intact: Chime told customers no data was stolen, while the lawsuits say the outage hid a breach that exposed some of the most sensitive identifiers in consumer banking.
