Berry, Dunn, McNeil & Parker Data Breach Lawsuit Says 1.1 Million People Impacted by 2023 Cyberattack

New to ClassAction.org? Read our Newswire Disclaimer

Berry, Dunn, McNeil & Parker faces a proposed class action lawsuit that alleges the tax and consulting firm failed to protect the sensitive personal information of approximately 1.1 million people from a data breach reportedly discovered in September 2023.

Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s free weekly newsletter here.

The 36-page Berry Dunn data breach lawsuit says that the Maine-based financial services firm was notified by a vendor around September 14 of last year that it “discovered suspicious network activity,” upon which the defendant claims to have immediately engaged cybersecurity experts to assist with determining what happened and whether data was compromised.

Per the complaint, Berry Dunn’s review and investigation wrapped up around April 2, 2024, and the firm concluded that the perpetrator accessed and stole some of its files. Impacted information may have included names, addresses, Social Security numbers, dates of birth and health insurance policy numbers, the data breach class action says.

All told, the Berry, Dunn, McNeil & Parker data breach impacted around 1.1 million people, many of whom were notified of the incident around April 29, about seven months after the cyberattack occurred, the suit shares.

The case accuses Berry Dunn of failing to implement and maintain reasonable cybersecurity safeguards, comply with industry-standard data security practices, properly train employees on data security measures, timely detect the intrusion and promptly notify victims.

“In this day and age of regular and consistent data security attacks and data breaches, in particular in the financial industries, and given the sensitivity of the data entrusted to Defendant, this Data Breach is particularly egregious and foreseeable,” the lawsuit charges.

Berry Dunn data breach victims face a present and lifetime risk of identity theft, especially given that Social Security numbers were among the stolen information, the complaint stresses.

“As a result of Defendant’s delayed response, Plaintiff and Class had no idea their [personal information] had been compromised, and that they were, and continue to be, at significant and imminent risk of identity theft and various other forms of personal, social and financial harm. The risk will remain for their respective lifetimes because of Defendant’s negligence.”

The filing adds that the root cause of the Berry Dunn data breach, the particular vulnerabilities exploited by the unauthorized actors and the remedial measures taken by the firm to ensure such an incident does not happen again have not been shared with regulators or victims.

The data breach lawsuit looks to cover all United States residents whose personally identifiable information was compromised during the data breach that is the subject of the notice published by Berry, Dunn, McNeil & Parker around April 29, 2024.

Are you owed unclaimed settlement money? Check out our class action rebates page full of open class action settlements.