Berkeley Research Group Discloses Ransomware Attack

On March 2, 2025, the global management consulting firm, Berkeley Research Group (BRG), discovered suspicious activity on its network that was consistent with a ransomware attack. The unauthorized activity took place between February 28, 2025 and March 2, 2025. Upon detection, BRG acted to contain the incident by taking systems offline and engaging cybersecurity and privacy professionals to conduct a forensic investigation.

At this time, the investigation is ongoing, and BRG has not yet determined the full scope of the affected data or the total number of individuals impacted. However, BRG has confirmed that the breach may have involved both personally identifiable information (PII) and protected health information (PHI) stored in its systems.

The breach appears to be the result of a ransomware attack, which is a severe form of cybercrime where malicious actors gain unauthorized access to a network, encrypt data, and often demand payment for its release. While the identity of the attackers has not been disclosed, the nature of the compromise indicates a targeted and sophisticated intrusion.

Berkeley Research Group's response

Following the discovery of the incident, BRG implemented several security measures to protect its systems and the information they contain. These steps included resetting credentials for all users, deploying enhanced endpoint detection and monitoring, and enforcing stricter access controls and authentication procedures. The company also engaged leading privacy and security professionals to assist with the investigation and to improve its security and privacy practices moving forward.

BRG is working closely with government agencies to report the incident and is committed to keeping affected individuals informed as more details become available. While the investigation is ongoing, BRG encourages potentially affected individuals to remain vigilant against incidents of identity theft and fraud.

Recommended actions include reviewing account statements and explanation of benefits forms, monitoring free credit reports for suspicious activity, and taking advantage of resources provided by major credit bureaus.

For those seeking more information or assistance, BRG has provided a dedicated contact email: ITIncidentinquiries@thinkbrg.com. Additionally, the company has posted a detailed Notice of Data Incident on its website, outlining steps individuals can take to protect their personal information, including how to obtain free credit reports, place fraud alerts, and implement security freezes.

Given the nature of the breach—a ransomware attack that may have exposed both PII and PHI—it is especially important for affected individuals to monitor their financial and health records closely. If you notice any unauthorized activity, promptly contact your financial institution, healthcare provider, or the appropriate authorities.

For more information about BRG and its services, visit the company's official website.