Berkeley Research Group (BRG), the financial advisory firm working with the Baltimore Catholic Archdiocese on its bankruptcy case, has been navigating the fallout from a cyberattack that potentially compromised sensitive information related to hundreds of sexual abuse claims. In an emerging narrative stripped of ornamentation but rich in implication, BRG acknowledges in a letter that it delayed notifying victims by almost two months after discovering the breach on March 3, as reported by WYPR.
While BRG has not found evidence of the stolen data appearing online, they have confirmed the payment of a ransom to the hackers and received assurances, including a "destruction log," that the stolen information was deleted, as detailed by CBS News Baltimore. The firm emphasized that it prioritized accurate and complete information over rapid communication following the breach. The FBI is currently involved in investigating the breach, and their inquiries may be restricting BRG from releasing further details that could jeopardize their efforts.
This cyber breach takes on a weightier significance considering its context—a financial advisory firm handling cases fraught with painful histories, where the potential exposure of victims' private details could result in additional trauma. BRG is advising on ten bankruptcy proceedings across the country, all involving religious organizations, with the survivors in Baltimore still uncertain whether unauthorized parties accessed their data.
