Berry, Dunn, McNeil & Parker, LLC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Berry, Dunn, McNeil & Parker, LLC, a financial services firm located at 2211 Congress Street in Portland, Maine, experienced a data breach on June 8, 2022. The breach was discovered on the same day it occurred. A phishing attack was identified as the cause, where an unauthorized party gained access to sensitive consumer data through an employee email account. The compromised information included names in combination with financial account numbers or credit/debit card numbers along with their security codes, access codes, passwords, or PINs, as well as Social Security Numbers[1][11].

The total number of individuals affected by the breach was 10,263, with 7,298 of those being Maine residents[1]. Berry, Dunn, McNeil & Parker, LLC responded by offering identity theft protection services through IDX for a duration of 24 months, which includes credit monitoring and identity protection services. Written notifications to the affected consumers were sent out on September 22, 2022[1].

The firm has a history of providing cybersecurity expertise and offers services related to disaster recovery and incident response planning, overseen by a team of IT, security, and auditing experts[2]. After the breach, the company isolated the unauthorized access to one account and reset the user’s credentials[3]. They also have resources discussing best practices for preventing and responding to ransomware attacks and other cybersecurity threats[13][14].

Berry, Dunn, McNeil & Parker, LLC is a full-service accounting and consulting firm that employs over 500 people and generates approximately $100 million in annual revenue[5]. The firm operates offices throughout New England, West Virginia, Arizona, and Puerto Rico[7]. The data breach has led to investigations and the firm has been in communication with legal entities regarding the incident[7].

Citations:

  1. https://apps.web.maine.gov/online/aeviewer/ME/40/43f61241-cc7b-4194-afaf-9500161ccfd3.shtml
  2. https://www.berrydunn.com/services/disaster-recovery-and-incident-response
  3. https://www.doj.nh.gov/consumer/security-breaches/documents/berry-dunn-mcneil-parker-20220930.pdf
  4. https://www.berrydunn.com/topic/it-assurance
  5. https://www.jdsupra.com/legalnews/berry-dunn-mcneil-parker-llc-reports-4066311/
  6. https://www.berrydunn.com/news-detail/trusting-privileged-accounts-in-the-age-of-data-breaches
  7. https://www.turkestrauss.com/2022/09/20/berrydunn-data-breach-investigation/
  8. https://dvha.vermont.gov/sites/dvha/files/documents/Administration/BerryDunn%2035419-2%20Final%20Signed.pdf
  9. https://www.doj.nh.gov/consumer/security-breaches/documents/berry-dunn-mcneil-parker-20220922.pdf
  10. https://apps.web.maine.gov/online/aeviewer/ME/40/list.shtml
  11. https://apps.web.maine.gov/online/aeviewer/ME/40/94747627-2214-4efc-997b-8d36e8ace957.shtml
  12. https://legalwritingexperts.com/master-service-agreement-9/
  13. https://www.berrydunn.com/news-detail/ransomware-is-not-going-anywhere-soon-best-practices-for-prevention-and-protection
  14. https://www.berrydunn.com/topic/it-security
Breach Submission Date Nov 21, 2023
Converted Entity Name Berry, Dunn, McNeil & Parker, LLC
Converted Entity Type Business Associate
State ME
Individuals Affected 500
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes