Ransomware

Berkeley Research Group (BRG) Ransomware Attack

📅 2025-02-28 🏢 Microsoft Teams 🦠 Chaos ransomware

Incident Details

Berkeley Research Group (BRG), a major consulting and financial advisory firm, suffered a ransomware attack that was discovered on March 2, 2025. Unauthorized activity occurred between February 28 and March 2, 2025. The attacker impersonated an IT worker via Microsoft Teams to gain access to a laptop, then deployed a Chaos ransomware variant. BRG paid an undisclosed ransom. At least 6,083 individuals were notified; the exposed data included SSNs, passport numbers, bank account information, medical information, and credentials. The US DOJ raised concerns because data from Catholic clergy sexual abuse survivors in bankruptcy cases was among the stolen files. BRG was in the middle of a $700M TowerBrook Capital buyout at the time of the attack. This was a legal/consulting sector breach that exposed sensitive M&A and litigation data.

Technical Details

Initial Attack Vector
Social engineering via Microsoft Teams: attacker impersonated an internal IT worker to gain access to an employee's laptop
Vendor / Product
Microsoft Teams
Malware Family
Chaos ransomware

Timeline

  1. 2025-02-28 Breach occurred
  2. 2025-04-01 Publicly disclosed
  3. 2025-04-01 Customers notified