DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Department of Justice says Berkeley Research Group data breach may have exposed information on diocesan sex abuse survivors

Posted on May 11, 2025 by Dissent

Daniel Payne reports:

The U.S. Department of Justice says a recent data breach of a California consulting firm exposed data of Catholic clergy abuse survivors in nearly a dozen bankruptcy lawsuits.

In a May 6 letter addressed to attorneys at law firm Proskauer Rose LLP, the Justice Department’s Nan Eitel, the associate general counsel for Chapter 11 practice in the Executive Office for United States Trustees, said that late last month multiple government trustees received notice of a data breach at Berkeley Research Group (BRG).

The Emeryville, California-based BRG offers corporate finance and economic consulting, including to Catholic dioceses in bankruptcy proceedings. The government’s letter said the data breach had occurred on March 2 but that trustees were only first informed on April 28.

Read more at Catholic News Agency.

On March 6, Bloomberg reported that BRG had suffered a cyberattack:

Berkeley Research Group suffered a cyberattack last week, according to people with knowledge of the matter, just as banks have been looking to wrap up a debt sale that would finance the consulting firm’s buyout by TowerBrook Capital Partners.

The firm discovered its systems had been breached on March 2, and received several ransomware notices from a hacker, according to the people, who asked not to be identified discussing a private transaction. The hacker claimed they had taken data from BRG’s systems and had encrypted files within its network, the people added.

BRG has hired data-security firm Octillo Law as well as Booz Allen Hamilton Inc.’s cyber team to deal with the breach, according to a notice sent to the company’s prospective loan investors and seen by Bloomberg News.

But while Bloomberg reported the news, it seems that BRG wasn’t notifying its clients promptly, with some claiming that they were not notified until April 28.

No ransomware gang has publicly claimed responsibility for this attack, and reading the government’s letter to Proskauer Rose, it seems clear that the government is very concerned about — and unhappy with — BRG’s incident response. Reporting by WSJ this week indicates the Proskauer Rose is representing the firm in court.

WSJ‘s report provides some additional details on the attack:

In its notification letters, BRG said the hacker accessed the data by posing as an internal IT worker on Microsoft Teams to log on to a worker’s laptop. Once inside the system, the hacker deployed a variant of Chaos ransomware and demanded payment in return for deleting stolen data, the firm said.

The firm said it paid the hacker an undisclosed amount.

After the payment was made, the hacker provided a “destruction log” and stated that any data gathered in the attack “has since been deleted and will not be disclosed further,” BRG said. To date, the firm said, it has “not detected any evidence of the distribution of any implicated materials.”

As always, DataBreaches reminds people that a criminal’s claims of data destruction should not be believed.

Read more at WSJ.

No related posts.

Category: Business SectorMalwareOf NoteU.S.

Post navigation

← Masimo Manufacturing Facilities Hit by Cyberattack
N.W.T.’s medical record system under the microscope after 2 reported cases of snooping →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns
  • One in Five Law Firms Hit by Cyberattacks Over Past 12 Months
  • U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware
  • Senator Chides FBI for Weak Advice on Mobile Security
  • Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks
  • Kelly Benefits updates its 2024 data breach report: impacts 550,000 customers
  • Qantas customers involved in mammoth data breach
  • CMS Sending Letters to 103,000 Medicare beneficiaries whose info was involved in a Medicare.gov breach.
  • Esse Health provides update about April cyberattack and notifies 263,601 people
  • Terrible tales of opsec oversights: How cybercrooks get themselves caught

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Oregon Amends Its Comprehensive Privacy Statute
  • Wisconsin Supreme Court’s Liberal Majority Strikes Down 176-Year-Old Abortion Ban
  • 20 States Sue HHS to Stop Medicaid Data Sharing with ICE
  • Kids are making deepfakes of each other, and laws aren’t keeping up
  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.