Sax LLP hit by network compromise
Incident
Summary
Hide ▲
Show ▼
Sax LLP is notifying over 220,000 individuals after a cyberattack compromised sensitive personal data, creating identity-theft risk from a long-undisclosed breach. The firm says it detected a network intrusion on August 7, 2024, and later determined attackers likely accessed systems in late July 2024. Compromised files can include names, dates of birth, SSNs, driver’s license or state ID numbers, and passport numbers. The disclosure matters because the breach remained hidden for more than 16 months, limiting how quickly affected people could respond.
Related Happenings
7-Eleven franchisee-docs and Salesforce data leak
Data Leak
First: 18.05.2026 14:25
Last: 18.05.2026 14:25
Sources 1
About this happening:
**7-Eleven** confirmed a **April 8, 2026** intrusion into systems used to store **franchisee documents**, and **ShinyHunters** later claimed the theft of **more than 600,000 Sales...
7-Eleven franchisee-docs and Salesforce data leak
Data LeakAbout this happening: **7-Eleven** confirmed a **April 8, 2026** intrusion into systems used to store **franchisee documents**, and **ShinyHunters** later claimed the theft of **more than 600,000 Sales...
Latest development: 26.05.2026 10:01
Have I Been Pwned analyzed the leaked 7-Eleven data and estimated that the breach exposed personal information for 185,300 people, including names, dates of birth, unique email addresses, phone numbers, and physical addresses. The exposed archive was tied to ShinyHunters' extortion campaign against 7-Eleven and followed the group's leak-site posting after ransom demands were not met.
American Lending Center hit by ransomware attack
Incident
First: 15.05.2026 14:06
Last: 15.05.2026 14:06
Sources 1
About this happening:
The **American Lending Center** confirmed a **ransomware breach** that may have exposed personal data for **more than 123,000 individuals**, including **names, dates of birth, and...
American Lending Center hit by ransomware attack
IncidentAbout this happening: The **American Lending Center** confirmed a **ransomware breach** that may have exposed personal data for **more than 123,000 individuals**, including **names, dates of birth, and...
Cookeville Regional Medical Center patient records leak
Data Leak
First: 16.04.2026 18:01
Last: 16.04.2026 18:01
Sources 1
About this happening:
**Cookeville Regional Medical Center** disclosed a **data leak** affecting **337,917 patients**, exposing personal and medical records and raising identity-theft risk. Files were...
Cookeville Regional Medical Center patient records leak
Data LeakAbout this happening: **Cookeville Regional Medical Center** disclosed a **data leak** affecting **337,917 patients**, exposing personal and medical records and raising identity-theft risk. Files were...
Cookeville Regional Medical Center (CRMC) hit by ransomware attack
Incident
First: 16.04.2026 15:40
Last: 16.04.2026 15:40
Sources 1
About this happening:
The **Cookeville Regional Medical Center (CRMC)** suffered a **ransomware attack** that caused a network intrusion and a major **data breach** affecting more than **337,000 indivi...
Cookeville Regional Medical Center (CRMC) hit by ransomware attack
IncidentAbout this happening: The **Cookeville Regional Medical Center (CRMC)** suffered a **ransomware attack** that caused a network intrusion and a major **data breach** affecting more than **337,000 indivi...
Latest development: 16.04.2026 18:01
Rhysida claimed responsibility for the Cookeville Regional Medical Center ransomware intrusion on August 2, 2025, demanded 10 Bitcoin worth roughly $1.15m, and posted sample files on its dark web leak site.
Conduent hit by network compromise
Incident
First: 10.02.2026 19:04
Last: 10.02.2026 19:04
Sources 1
About this happening:
**Conduent** disclosed a **security breach** affecting its **IT systems** between **October 21, 2024** and **January 13, 2025**. Threat actors stole **full names**, **Social Secur...
Conduent hit by network compromise
IncidentAbout this happening: **Conduent** disclosed a **security breach** affecting its **IT systems** between **October 21, 2024** and **January 13, 2025**. Threat actors stole **full names**, **Social Secur...
Timeline
-
29.12.2025 17:40 1 articles · 4mo ago
Sax LLP detects network intrusion
Detection Ioc UpdateSax LLP identified unauthorized network access on August 7, 2024, and its investigation later indicated that attackers likely entered the firm's systems in late July 2024 and copied files containing personal information.
Show sources
- Top US Accounting Firm Sax Discloses 2024 Data Breach Impacting 220,000 — www.securityweek.com — 29.12.2025 17:40
-
29.12.2025 17:40 2 articles · 4mo ago
Sax LLP notifies more than 220,000 people
Initial DisclosureSax LLP began notifying over 220,000 individuals that sensitive personal data was compromised, including names, dates of birth, SSNs, driver’s license or state ID numbers, and passport numbers, and the company is offering 12 months of free credit monitoring, dark web monitoring, credit protection, and identity restoration services.
Show sources
- Top US Accounting Firm Sax Discloses 2024 Data Breach Impacting 220,000 — www.securityweek.com — 29.12.2025 17:40
- Top US Accounting Firm Sax Discloses 2024 Data Breach Impacting 220,000 — www.securityweek.com — 29.12.2025 17:40