BerryDunn suffers third-party breach, 1M affected

Accounting firm BerryDunn has suffered a third-party breach that revealed the personal information of over 1 million people.

BerryDunn was notified on September 14th, 2023, that one of its vendors, Reliable Networks of Maine, a network maintenance and monitoring company, had “discovered suspicious network activity that was impacting its network.”

BerryDunn claims to have “immediately implemented its incident response protocols and engaged cybersecurity experts to assist with determining what occurred and whether any data was compromised.”

The information compromised varies from person to person, but the data involved includes:

  • Names
  • Addresses
  • Driver’s license numbers
  • Non-driver identification cards

The investigation revealed that a threat actor had accessed Reliable’s network and copied data stored on its systems.

BerryDunn's internal investigation concluded on April 2nd, 2024, almost a year after the company was notified of the intrusion.

The accounting firm has “taken steps to secure the HAPG data, such as decommissioning all BerryDunn systems under Reliable’s control and migrating all HAPG data to secure internal BerryDunn systems that are continually monitored as part of our cybersecurity program.”

BerryDunn is offering identity theft protection services through IDX, A Zero Fox Company.

More from Cybernews:

Potential TikTok ban putting thousands of jobs at risk, California senator warns

GitHub’s 2FA rollout a success, says platform

Airchat – the latest social networking platform for audio communication – review

GPT-4 can autonomously exploit vulnerabilities

Microsoft: Russian APT 28 exploits Windows bug with GooseEgg tool 

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked