Investment firm Nth Degree says cyber attack affected over 25,000 customers

Nth Degree Investment Group said the data security incident it suffered in December compromised the sensitive personal information of more than 25,000 individuals.

 

Headquartered in Duluth, Georgia, Nth Degree is an investment company that focuses on acquiring and growing other businesses, particularly in the event and experiential marketing industry. 

 

In a data security incident notice filed with the Office of Maine Attorney General, Nth Degree said that on March 24, it discovered suspicious activity in its internal network. The investment company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

The company also took steps to contain the incident, secured the affected network and notified relevant law enforcement authorities about the same.

 

“After an extensive forensic investigation and manual document review, we discovered on March 24, 2025 that your personal information may have been accessed or acquired by an unauthorised party between on or around December 12, 2024 to on or around December 20, 2024,” reads the notice.

 

The compromised data included names and other personal identifiers including Social Security Numbers. Nth Degree said in its filing with the Maine stare regulator that it identified at least 25,730 individuals who were impacted by the incident.

 

“We are committed to maintaining the privacy and security of the personal information in our possession and have taken many precautions to safeguard it. We continually evaluate and modify our practices and internal controls to enhance the security and privacy of your personal information and will continue to do so following this incident,” Nth Degree added.

 

While the investment company found no evidence of the compromised information being misused, it advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and the state attorney general. It has also offered one year of complimentary identity protection and credit monitoring services through TransUnion to all affected individuals.

 

At the time of publishing, no known hacker group claimed responsibility for the cyber attack on Nth Degree. The company also did not share details on who was behind the attack, how much data was compromised, or whether it has received a ransom demand.