Sax LLP, a top-ranked US accounting agency, has begun notifying over 220,000 people that delicate private information was compromised in a cyberattack that went undisclosed for greater than 16 months.
Primarily based in New Jersey, Sax is a prime 100 accounting and advisory firm with an annual income exceeding $100 million.
In a submitting with the Maine Lawyer Basic’s Workplace, Sax revealed that it had detected a community intrusion on August 7, 2024. Nonetheless, it took the corporate effectively over a yr to finish its investigation and determine contact info for the impacted people.
The probe confirmed that hackers seemingly gained entry to its methods in late July 2024 and managed to acquire information containing the non-public info of 228,876 people.
Based on Sax, the compromised info varies for every particular person, however can embrace identify, date of delivery, SSN, driver’s license or state identification quantity, and passport quantity.Â
SecurityWeek has not seen any recognized ransomware group take credit score for an assault on Sax. It’s attainable that the corporate was focused by cybercriminals who do not need a public leak web site, or the agency might have paid a ransom to stop the information from being made public or distributed to others.
The corporate is providing impacted people 12 months of free credit score monitoring, darkish internet monitoring, credit score safety, and identification restoration companies.Â
Nonetheless, the numerous delay in notifying victims renders these companies functionally out of date as a result of cybercriminals sometimes monetize stolen info throughout the first few months following the breach.Â
Associated: Coupang to Challenge $1.17 Billion in Vouchers Over Information Breach
Associated: 22 Million Affected by Aflac Information Breach
Associated: Hacker Claims Theft of 40 Million Condé Nast Information After Wired Information Leak
Associated: 3.5 Million Affected by College of Phoenix Information Breach
