Sax LLP, a top-ranked US accounting agency, has begun notifying over 220,000 people that delicate private information was compromised in a cyberattack that went undisclosed for greater than 16 months.
Based mostly in New Jersey, Sax is a prime 100 accounting and advisory firm with an annual income exceeding $100 million.
In a submitting with the Maine Legal professional Common’s Workplace, Sax revealed that it had detected a community intrusion on August 7, 2024. Nonetheless, it took the corporate nicely over a 12 months to finish its investigation and establish contact data for the impacted people.
The probe confirmed that hackers probably gained entry to its programs in late July 2024 and managed to acquire information containing the private data of 228,876 people.
In line with Sax, the compromised data varies for every particular person, however can embody title, date of start, SSN, driver’s license or state identification quantity, and passport quantity.
SecurityWeek has not seen any recognized ransomware group take credit score for an assault on Sax. It’s potential that the corporate was focused by cybercriminals who should not have a public leak web site, or the agency might have paid a ransom to forestall the info from being made public or distributed to others.
The corporate is providing impacted people 12 months of free credit score monitoring, darkish internet monitoring, credit score safety, and id restoration providers.
Nonetheless, the numerous delay in notifying victims renders these providers functionally out of date as a result of cybercriminals sometimes monetize stolen data throughout the first few months following the breach. Commercial. Scroll to proceed studying.
Associated: Coupang to Situation $1.17 Billion in Vouchers Over Information Breach
Associated: 22 Million Affected by Aflac Information Breach
Associated: Hacker Claims Theft of 40 Million Condé Nast Data After Wired Information Leak
Associated: 3.5 Million Affected by College of Phoenix Information Breach
