Edgar & Associates LLP

The California Office of the Attorney General disclosed a data breach affecting Edgar & Associates LLP, discovered in April 2017 but originating from unauthorized access between April 1–2, 2016. The intrusion was detected later, between September 28 and November 3, 2016, via exploitation of Remote Desktop Protocol (RDP) a common vector for cyber intrusions. While the exact scope of compromised data remains undisclosed, the breach suggests potential exposure of sensitive information, though no explicit confirmation of stolen records (e.g., financial, personal, or employee data) was provided. The delayed detection highlights vulnerabilities in monitoring and response protocols, raising concerns about prolonged unauthorized access. The lack of clarity on affected individuals or specific data types leaves the full impact ambiguous, but the incident underscores risks associated with insecure remote access mechanisms and the need for timely breach identification.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-67343

TPRM report: https://www.rankiteo.com/company/edgar-law-group-llp

"id": "edg611090125",
"linkid": "edgar-law-group-llp",
"type": "Breach",
"date": "4/2016",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'industry': 'Legal',
                        'location': 'California, USA',
                        'name': 'Edgar & Associates LLP',
                        'type': 'Law Firm / Professional Services'}],
 'attack_vector': ['Remote Desktop Protocol (RDP)'],
 'date_detected': '2016-09-28',
 'date_publicly_disclosed': '2017-04-06',
 'description': 'The California Office of the Attorney General reported a data '
                'breach involving Edgar & Associates LLP. The breach occurred '
                'due to unauthorized access via Remote Desktop Protocol (RDP) '
                'between April 1-2, 2016, which was later identified between '
                'September 28, 2016, and November 3, 2016. The number of '
                'affected individuals remains unspecified.',
 'impact': {'data_compromised': True},
 'initial_access_broker': {'entry_point': ['Remote Desktop Protocol (RDP)']},
 'investigation_status': 'Disclosed (2017-04-06)',
 'post_incident_analysis': {'root_causes': ['Unauthorized RDP access (April '
                                            '1-2, 2016)']},
 'references': [{'date_accessed': '2017-04-06',
                 'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulations_violated': ['California Data Breach '
                                                    'Notification Law'],
                           'regulatory_notifications': ['California Office of '
                                                        'the Attorney '
                                                        'General']},
 'title': 'Data Breach at Edgar & Associates LLP (2016)',
 'type': 'Data Breach (Unauthorized Access)'}

Edgar & Associates LLP

Free Mobile: French data regulator fines telco subsidiaries $48 million over data breach

Coupang Fulfillment Services: Coupang cuts logistics workforce as orders slip after data breach

Monroe University: Monroe University Data Breach Affects 320k Exposing Social Security Numbers