Sax Data Breach Exposes Sensitive Info of 3,176 Clients

On Aug. 7, 2024, Sax LLP, a well-established accounting, tax, and advisory firm headquartered in Parsippany, New Jersey, detected suspicious activity in its network environment. The investigation revealed that unauthorized individuals may have viewed or acquired personally identifiable information (PII) of current and former Sax clients.

By Dec. 1, 2025, Sax LLP had completed its analysis and began notifying those whose information was involved. The exposed data included a range of sensitive information, including full name, address, date of birth, government-issued identification card details, and Social Security number. There is no indication that protected health information (PHI) was involved. However, the exposure of PII puts individuals at risk of identity theft and financial fraud.

The breach was formally disclosed to the Attorney General's offices in California and Massachusetts on Dec. 22, 2025.

Sax's response

Following the discovery of the breach, Sax promptly secured its network, launched a detailed investigation, and implemented enhanced cybersecurity measures to reduce the risk of future incidents. The firm notified the Federal Bureau of Investigation and pledged to cooperate with authorities in any ongoing investigation. To support those affected, Sax has arranged for complimentary identity protection services through Epiq.

If you receive notification from Sax or your provider about this breach, you may want to:

• Sign up for the free Epiq identity theft protection services, offered by Sax.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

The company has also set up a dedicated call center for this incident at 855-720-3117, Monday through Friday, 9 a.m. to 9 p.m. ET.