BerryDunn, an accounting firm, has experienced a significant data breach due to a third-party intrusion, impacting the personal information of over one million people. The breach was first noticed on September 14th, 2023, when BerryDunn was alerted to suspicious network activity affecting one of its vendors, Reliable Networks of Maine. This company, specializing in network maintenance and monitoring, discovered the suspicious activity on its network, which led to the breach.
Upon learning of the issue, BerryDunn quickly activated its incident response protocols and engaged cybersecurity experts to help determine the nature and extent of the incident. The investigation found that a threat actor had gained access to Reliable’s network and had copied data stored on its systems. The types of compromised data included names, addresses, driver’s license numbers, and non-driver identification cards, varying from person to person.
BerryDunn’s internal investigation was thorough and concluded nearly a year later, on April 2nd, 2024. As part of the remediation efforts, BerryDunn took decisive steps to secure the compromised data. This included decommissioning all BerryDunn systems under Reliable’s control and migrating all affected data to secure internal systems. These systems are now continuously monitored as part of BerryDunn’s strengthened cybersecurity program.
In response to the breach, BerryDunn is offering identity theft protection services through IDX, A Zero Fox Company, to all affected individuals to help mitigate the potential impact of the breach. This measure aims to provide reassurance to the affected clients and help protect their information from further misuse. BerryDunn’s proactive measures in response to the breach demonstrate their commitment to securing client data and enhancing their cybersecurity defenses against future incidents.
