On March 2, 2025, Berkley Research Group (“BRG”) detected suspicious activity in its network and launched an investigation with cybersecurity experts. The breach occurred between February 28, 2025, and March 2, 2025, when an unauthorized actor briefly accessed BRG’s systems and copied certain files containing personal information. Although BRG reports no evidence of misuse, the exposure of sensitive data constitutes a serious privacy risk.
Founded in 2010, Berkley Research Group is a global consulting firm headquartered in Emeryville, California, providing consulting, advisory, and expert witness services to clients and law firms worldwide.
BRG sent data breach notification letters to affected individuals and offered complimentary identity protection services through Kroll for 24 months. If you received a Data Breach notification letter from BRG, it confirms that your information was potentially impacted.
What information is involved in the Berkley Research Group Data Breach?
Compromised information may include:
Name
Date of Birth
Address
Social Security Number
Tax Identification Number
Passport Number
Driver’s License Number or Government ID
Financial and Bank Account Information (at times including PIN, Security Code, or Login Credentials)
Payment Card (at times with Additional Details Username, and Password)
Medical Information
Health Insurance Information
Your Personally Identifiable Information (PII) includes details that can be used to identify you. Organizations are legally obligated to safeguard this data, and failure to do so can result in statutory fines and other legal consequences. If PII is stolen, it may be exploited by criminals to commit identity fraud.
A specific category of PII is Protected Health Information (PHI), which pertains to personal medical data. PHI is safeguarded under both federal and state regulations. Entities such as healthcare providers and businesses that manage PHI must ensure its security. Just like PII, compromised PHI can be misused by identity thieves, and it’s common for cybercriminals to use both types of information together.
If your data has been exposed in a breach, one of the most effective steps you can take is to enroll in credit and identity monitoring services promptly.
Residents of California benefit from additional privacy protections under the California Consumer Privacy Act (CCPA), which grants enhanced rights regarding personal data. Additionally, California residents also benefit from medical privacy protections under the Confidentiality of Medical Information Act (CMIA), which specifically grants enhanced protections for confidential medical data.
If you received a NOTICE OF DATA BREACH letter from Berkley Research Group, LLC, your personal, financial, and/or medical information may be at risk. This type of data can be exploited by identity thieves to commit fraud and other crimes.
Contact the Data Breach Lawyers at Emery | Reddy, PC for a Free Case Review today.