Data security incident at IMA Diligence impacts more than 525,000 individuals

Financial consulting firm IMA Diligence Services announced that a data security incident in 2025 compromised the sensitive personal information of more than 525,000 individuals.

 

Headquartered in Chicago, Illinois, IMA Diligence Services is a financial due diligence and transaction advisory firm specialising in quality of earnings analyses, financial due diligence, and lender advisory services. The firm helps investors, lenders, and businesses assess risks, validate financial performance, and make informed transaction decisions.

 

In a data security incident notice filed with the Office of California Attorney General, the financial advisory firm said that on December 16, it discovered that certain files stored in a legacy server operated by a third-party provider had become inaccessible. The company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

“It was determined that an unauthorised actor had accessed this file server between December 8, 2025 and December 16, 2025, and acquired certain file,” IMA Diligence said.

 

The compromised data included names, and other personal identifiers including Social Security numbers. In a filing with the Office of the Attorney General of Texas, IMA Diligence said that it has identified at least 70,928 individuals whose data was compromised during the data security incident.

 

“As part of our ongoing commitment to the privacy of information, we continue to review our policies, procedures and processes related to the storage and access of personal information to reduce the likelihood of a similar future event,”  IMA Diligence added. The company notified the Office of the Attorney General of Indiana that the data security incident impacted 525,306 individuals.

 

The financial consulting company has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and the state attorney general. It has also offered one year of complimentary identity protection and credit monitoring services through Cyberscout to all affected individuals.

 

The Genesis ransomware group has claimed responsibility for the cyber attack on IMA Diligence, listing the company as a victim on its data leak site. While Genesis did not disclose the ransom amount demanded, it stated on its leak portal that it had exfiltrated approximately 700 GB of data and has threatened to publish the stolen dataset unless IMA Diligence complies with its ransom demands.