Strauss Borrelli PLLC, a leading data breach law firm, is investigating Berkeley Research Group, LLC, which does business as BRG, regarding its recent data breach. The BRG data breach involved sensitive personal information belonging to an undetermined number of individuals.
ABOUT BERKELEY RESEARCH GROUP, LLC D/B/A BRG:
BRG is a management consulting firm based in California. Founded in 2010, BRG services span the fields of corporate finance, economics, disputes and investigations, and performance improvement, turnaround and restructuring, and transaction advisory.2 Today, BRG serves businesses in a variety of industries, including healthcare, energy and climate, government and public sector, technology, media and telecommunications, construction, real estate, financial services, and more.3 Headquartered in Emeryville, California, BRG has over 40 offices across six continents and employs over 1,000 individuals. 4,5
WHAT HAPPENED?
Recently, BRG announced that it had experienced a data breach in which sensitive personal identifiable information in its care may have been compromised. According to the breach notice, on March 2, 2025, BRG discovered suspicious network activity including indicators of compromise consistent with a ransomware attack.1 As a result, BRG launched an investigation to determine the nature of the incident.
Through its investigation, BRG confirmed that sensitive personal information in its systems may have been accessed by an unauthorized third party between February 28, and March 2, 2025. As a result, BRG began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. As the investigation is ongoing, the exact type of personal information potentially exposed has not been made publicly available by BRG. However, according to state reporting guidelines, “personal information” can include the following types of information:
- Name
- Social Security number
- Driver’s license number, California ID card number, tax identification number, passport number, military ID number, or other unique ID number issued on a government document
- Account number or credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account
- Medical information
- Health insurance information
- Unique biometric data generated from measurements or technical analysis of human body characteristics, such as a fingerprint, retina, or iris image, used to authenticate a specific individual
- Genetic information
As a result of the data breach, BRG posted a notice of the incident on its website. Additionally, BRG plans to send breach notification letters to impacted individuals. Based on the website breach notice, BRG is providing affected individuals with a list of the specific types of sensitive information impacted. A link to the form breach notification that BRG posted to its website is below.
If you received a breach notification letter from Berkeley Research Group, LLC d/b/a BRG:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
