IMA Diligence Services Notifies 525K on Legacy Server Breach
IMA Diligence Services, a financial due diligence firm, is notifying over 525,000 individuals that personal information was stolen from a legacy server. The incident was previously claimed by the Genesis ransomware group. Public notifications and reporting occurred in early June 2026.
- personal information
- business documents
- confidential files
IMA Diligence Services has begun notifying more than 525,000 individuals that their personal information, business documents, and confidential files were stolen from a legacy server last year. The financial due diligence firm disclosed the breach in early June 2026 after the Genesis ransomware group claimed responsibility for the incident.
Public reporting indicates the compromised server contained a wide range of sensitive records accumulated over time. The exposed data includes names, contact details, financial identifiers, and proprietary business materials that had been stored on infrastructure no longer in active use. Available reporting describes the breach as originating from an unprotected legacy environment that was not fully decommissioned, allowing attackers to access and exfiltrate large volumes of information before detection.
Want the rest of this breakdown?
Sign up free to keep reading. Members get extended access, the weekly breach digest, and a complimentary Warden™ to see if their identity is exposed in the breaches we cover.
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →