SAX Reports Data Breach Affecting Sensitive Personal Information
On August 7, 2024, financial services firm SAX detected suspicious activity within its systems, prompting an immediate investigation. The probe confirmed that an unauthorized third party had accessed and potentially acquired sensitive personal data stored in its networks.
The exposed information varies by individual but may include names, Social Security numbers, dates of birth, driver’s license or state ID numbers, and passport numbers. Following a thorough review, SAX began notifying affected individuals on December 16, 2024, via mailed breach notification letters. The notices detail the specific types of compromised data and offer complimentary credit monitoring services.
The breach was disclosed to the Attorney General of Maine, with official filings available for reference. The incident underscores the ongoing risks to personally identifiable information in digital systems.
Source: https://straussborrelli.com/2025/12/23/sax-llp-data-breach-investigation/
SAX TPRM report: https://www.rankiteo.com/company/saxon
"id": "sax1766527325",
"linkid": "saxon",
"type": "Breach",
"date": "8/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Impacted individuals (number '
'not specified)',
'name': 'SAX',
'type': 'Company'}],
'customer_advisories': 'Data breach notification letters mailed to impacted '
'individuals on December 16, 2025',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Name',
'Social Security number',
'Date of birth',
'Driver’s license or state '
'identification number',
'Passport number']},
'date_detected': '2024-08-07',
'date_publicly_disclosed': '2025-12-16',
'description': 'SAX reported a data breach where sensitive personal '
'identifiable information may have been compromised. The '
'breach was detected on August 7, 2024, after suspicious '
'activity was observed in its systems. An investigation '
'confirmed unauthorized access and acquisition of sensitive '
'data by a third party.',
'impact': {'data_compromised': 'Sensitive personal identifiable information',
'identity_theft_risk': 'High'},
'investigation_status': 'Completed',
'recommendations': 'Providing complimentary credit monitoring services to '
'affected individuals',
'references': [{'source': 'Attorney General of Maine'}],
'regulatory_compliance': {'regulatory_notifications': 'Filed breach notice '
'with the Attorney '
'General of Maine'},
'response': {'communication_strategy': 'Data breach notification letters '
'mailed to impacted individuals',
'incident_response_plan_activated': 'Yes'},
'threat_actor': 'Unauthorized third party',
'title': 'SAX Data Breach Incident',
'type': 'Data Breach'}