About McElroy, Deutsch, Mulvaney & Carpenter LLP
McElroy, Deutsch, Mulvaney & Carpenter LLP (MDMC) experienced a data breach that affected a number of individuals, including residents of Maine. The breach involved unauthorized access to the firm’s external systems, leading to the exposure of sensitive personal information. The breach occurred between March 28, 2025, and April 1, 2025, and was discovered on December 4, 2025. The firm has since taken steps to address the situation and notify affected parties.
What Happened
On April 3, 2025, MDMC became aware of suspicious activity within its network environment. MDMC promptly took steps to secure its systems and initiated an investigation into the nature and scope of the activity. The investigation determined that certain files on MDMC systems were accessed or acquired without authorization from March 28, 2025 to April 1, 2025. In response MDMC undertook a comprehensive review of the affected files to determine what information was present and to whom it relates. On December 4, 2025, MDMC identified that personal information relating to certain individuals was present in the affected files.
In this breach, certain files containing personal information such as names and Social Security numbers were accessed without authorization. The breach impacted individuals whose information was stored on the firm’s systems, including three residents of Maine. The breach occurred from March 28, 2025, to April 1, 2025.
Next Steps
Affected users should remain vigilant and monitor their financial accounts for any signs of unauthorized activity. MDMC has notified federal law enforcement and is working with authorities to investigate the breach. Additionally, affected individuals are encouraged to review their credit reports and consider placing fraud alerts or security freezes on their credit files to prevent potential misuse of their information.
Identity Theft Protection Services
MDMC is offering twelve months of credit monitoring services through Epiq to individuals whose personal information was potentially affected by this incident, at no cost. They are also providing guidance on how to protect against identity theft, including placing fraud alerts and security freezes, and obtaining free credit reports. Affected individuals are encouraged to remain vigilant and report any incidents of fraud or identity theft to the Federal Trade Commission and their state Attorney General.