Upstream Advisory Group LLC

Upstream Advisory Group LLC, a North Carolina-based financial and employee benefits consulting firm, experienced a data breach in May 2025 after a phishing attack compromised one of its email accounts. An unauthorized third party accessed the account between May 21 and May 28, 2025, potentially viewing or exfiltrating emails containing personal information, including names paired with other identifying details (likely of employees or clients). The breach was discovered on August 19, 2025, prompting an investigation. The exposed data raises risks of identity theft, fraud, and unauthorized financial activity for affected individuals. A law firm, Edelson Lechtzin LLP, is pursuing a class-action lawsuit on behalf of victims, alleging negligence in safeguarding sensitive data. The incident highlights vulnerabilities in Upstream Advisory’s cybersecurity defenses, particularly against social engineering attacks targeting employee credentials.

Source: https://www.globenewswire.com/news-release/2025/09/19/3153463/0/en/DATA-BREACH-ALERT-Edelson-Lechtzin-LLP-is-Investigating-Claims-on-Behalf-of-Upstream-Advisory-Group-LLC-Customers-Whose-Data-May-Have-Been-Compromised.html

TPRM report: https://www.rankiteo.com/company/upstreamip

"id": "ups1302913092025",
"linkid": "upstreamip",
"type": "Breach",
"date": "5/2025",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'industry': 'Financial and Employee Benefits '
                                    'Consulting',
                        'location': 'Garner, North Carolina, USA',
                        'name': 'Upstream Advisory Group LLC',
                        'type': 'Private Company'}],
 'attack_vector': 'Phishing',
 'customer_advisories': 'Data breach notifications sent to affected '
                        'individuals (implied)',
 'data_breach': {'data_exfiltration': 'Possible (emails viewed or obtained)',
                 'file_types_exposed': ['Emails'],
                 'personally_identifiable_information': 'Yes (names paired '
                                                        'with other '
                                                        'identifying details)',
                 'sensitivity_of_data': 'High (personally identifiable '
                                        'information)',
                 'type_of_data_compromised': ['Personal information (names, '
                                              'identifying details)']},
 'date_detected': '2025-08-19',
 'date_publicly_disclosed': '2025-09-19',
 'description': 'Upstream Advisory Group LLC, a financial and employee '
                'benefits consulting firm based in Garner, North Carolina, '
                'experienced a data breach after a phishing attack targeted '
                'one of its email accounts. An unauthorized third party gained '
                'access to the account between May 21 and May 28, 2025, '
                'potentially viewing or obtaining emails containing personal '
                'information such as names paired with other identifying '
                'details. The breach was discovered on or about August 19, '
                '2025. Edelson Lechtzin LLP is investigating a class action '
                'lawsuit on behalf of affected individuals.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
                                       'class action investigation',
            'data_compromised': ['Personal information (names paired with '
                                 'other identifying details)'],
            'identity_theft_risk': 'High (personal information exposed)',
            'legal_liabilities': 'Class action lawsuit investigation by '
                                 'Edelson Lechtzin LLP',
            'systems_affected': ['Email account(s)']},
 'initial_access_broker': {'entry_point': 'Phishing email targeting an '
                                          'employee account',
                           'high_value_targets': ['Email account containing '
                                                  'personal information']},
 'investigation_status': 'Ongoing (class action investigation by Edelson '
                         'Lechtzin LLP)',
 'post_incident_analysis': {'root_causes': ['Successful phishing attack due to '
                                            'human error',
                                            'Inadequate email security '
                                            'measures (implied)']},
 'recommendations': ['Monitor account statements and credit reports for '
                     'suspicious activity',
                     'Implement multi-factor authentication (MFA) for email '
                     'accounts',
                     'Conduct phishing awareness training for employees',
                     'Enhance email security protocols'],
 'references': [{'date_accessed': '2025-09-19',
                 'source': 'Globe Newswire Press Release'},
                {'source': 'Edelson Lechtzin LLP',
                 'url': 'https://www.edelson-law.com'}],
 'regulatory_compliance': {'legal_actions': 'Class action lawsuit '
                                            'investigation by Edelson Lechtzin '
                                            'LLP'},
 'response': {'communication_strategy': 'Public disclosure via press release; '
                                        'legal firm (Edelson Lechtzin LLP) '
                                        'notified affected parties',
              'incident_response_plan_activated': 'Yes (investigation '
                                                  'conducted)'},
 'stakeholder_advisories': 'Affected individuals advised to monitor for '
                           'identity theft and fraud',
 'threat_actor': 'Unauthorized third party (unknown)',
 'title': 'Upstream Advisory Group LLC Data Breach via Phishing Attack',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Human error (successful phishing attack)'}