Berkeley Research Group experienced a cyber attack last week, Bloomberg reported, citing sources familiar with the matter, as banks worked to finalize a debt sale intended to finance the consulting firm’s acquisition by TowerBrook Capital Partners.
The firm identified the breach on March 2 and received multiple ransomware notices from a hacker, sources said. The hacker claimed to have accessed data from BRG’s systems and encrypted files within its network.
BRG has engaged data-security firm Octillo Law and Booz Allen Hamilton Inc.’s cyber team to address the breach, according to a notice sent to prospective loan investors. The firm also confirmed that it holds comprehensive cyber insurance, though the extent of the attack and the type of data affected were not disclosed.
Cyber insurance plays a role in mitigating financial losses from cyber incidents, covering costs related to data recovery, legal expenses, and potential ransom payments. As cyber threats continue to impact businesses, the insurance industry has seen increasing demand for coverage tailored to ransomware attacks, system disruptions, and liability risks.
The timing of the attack coincided with a $700 million leveraged loan sale supporting TowerBrook’s majority equity investment in BRG. A banking group led by Royal Bank of Canada arranged the acquisition financing and launched the debt sale last week. Some investors raised concerns that the attack could disrupt BRG’s business operations, sources said.
BRG advises clients on tax matters, arbitration, and bankruptcy procedures. It is currently assisting Forever 21 Inc. as it prepares for a potential bankruptcy filing and previously advised furniture retailer Conn’s Inc., which filed for bankruptcy protection last year.
Cyberattacks have become a growing concern for businesses, increasing demand for cyber insurance policies. Coverage typically includes first-party losses, such as data restoration and business interruption, as well as third-party liabilities, including regulatory fines and legal claims.
The incident at BRG follows a broader trend of cyber risks affecting financial and corporate sectors. Ransomware attacks resulted in approximately $813.5 million in ransom payments in 2024, down from $1.25 billion the previous year, according to Chainalysis Inc.
Governments and insurers are monitoring the evolving threat landscape, as regulatory scrutiny and underwriting requirements for cyber insurance continue to develop. Recent high-profile attacks, such as the breach at CDK Global Inc. that disrupted thousands of U.S. car dealerships, have underscored the financial and operational risks businesses face from cyber incidents.
Cyber insurance remains a critical component of risk management strategies, offering businesses financial protection against the increasing threat of ransomware and data breaches.
