IMA Diligence Services Data Breach: 525,306 Impacted

IMA Diligence Services LLC, a financial due diligence firm specializing in lender diligence and merger and acquisition support, experienced a data breach in December 2025 that impacted approximately 525,306 people in the United States, including 70,928 Texas residents, 3,392 Indiana residents, 1,464 Rhode Island residents, 934 Massachusetts residents, 200 New Hampshire residents and 40 Vermont residents.

Between Dec. 8 and Dec. 16, 2025, an unauthorized actor gained access to a legacy file server managed by a third party and acquired certain files stored on it.

On or about Dec. 16, 2025, IMA Diligence Services first learned that certain files on the server had become inaccessible. The company engaged third-party cybersecurity specialists to investigate the full nature and scope of the incident.

A ransomware group called Genesis later claimed responsibility for the attack. On Jan. 27, 2026, the group posted on the dark web that it had obtained 700 GB of data from the organization and threatened to publish it. The claimed data included customer information, business development data, confidential files, non-disclosure agreements, user folders, operational data and file server data.

IMA Diligence Services confirmed the breach exposed information including names, addresses, Social Security numbers, driver's license numbers, government-issued ID numbers, credit and debit card numbers and financial account information, health records, medical information and health insurance information.

The breach was additionally reported to the attorneys general of Maine and California. Impacted individuals were notified by U.S. mail beginning May 29, 2026.

IMA Diligence Services' response to the breach

IMA Diligence Services is offering affected individuals complimentary credit monitoring and identity restoration services through Cyberscout.

To enroll, affected individuals can visit the Cyberscout enrollment page and enter the unique code included in their notification letter. Enrollment must be completed within 90 days of the date on the letter.

The company has set up a dedicated assistance line at 1-844-593-7939, available from 8:00 a.m. to 8:00 p.m. Eastern time, Monday through Friday, excluding holidays. Consumers may also write to the company at 430 East Douglas Ave., Suite 400, Wichita, KS 67202.