Skip to main content
A man sees his private data publicly available online, prompting him to consider filing an AI data security lawsuit

MGO Data Breach Investigation

Written by Joseph Lyon on . Posted in Data Breach.

If you recently received a notification letter from Mosley Glick O’Brien, Inc., you are dealing with the fallout of one of the more serious professional services data breaches to hit Ohio in recent years. The MGO data breach exposed some of the most sensitive personal and financial information imaginable, and affected clients have legal rights worth understanding. Contact the data breach lawyers at The Lyon Firm to help you pursue compensation through an MGO data breach lawsuit.

What Happened at Mosley Glick O’Brien?

Mosley Glick O’Brien, known as MGO, is an accounting firm based in Maumee, Ohio. Founded in 2008, the firm provides services including bookkeeping, tax preparation, business valuations, tax planning, succession planning, and financial and operational consulting.

On February 19, 2025, MGO was hit by a sophisticated ransomware attack. The firm’s investigation determined that certain data held in the normal course of business may have been accessed without authorization, potentially exposing personally identifiable information including names, Social Security numbers, financial account details, and medical information.

The ransomware group responsible for the attack has been identified as BianLian. Reports indicate that approximately 1.2 terabytes of data may have been compromised, with attackers threatening to release information gradually over time.

BianLian is not a low-level criminal operation. It is a highly organized ransomware group known for targeting professional services firms that hold large amounts of sensitive client data, making accounting firms like MGO a prime target.

Why This Breach Is Especially Dangerous for Victims

Not all data breaches carry the same level of risk. The MGO ransomware attack stands out because of the type of information an accounting firm holds on its clients. This is not a situation where a credit card number was stolen and can simply be cancelled. The data MGO likely held on file for clients includes:

  • Social Security numbers and federal tax identification numbers
  • Full tax returns with income, asset, and investment details
  • Business financial statements and valuations
  • Bank and retirement account information
  • Medical information connected to health-related tax filings

When this combination of data is stolen, victims face a range of serious and long-lasting threats. Fraudsters can file false tax returns in your name, open new credit accounts, drain financial accounts, or even obtain medical care using your identity. These are problems that can take years to fully resolve and can cause real financial and emotional harm in the meantime.

MGO serves a wide range of clients including established businesses, startups, nonprofits, and individuals across industries like construction, manufacturing, transportation, and logistics, meaning the reach of this breach could be substantial.

What Legal Options Do MGO Data Breach Victims Have?

Companies that collect and store personal information have a legal duty to protect it with reasonable cybersecurity safeguards. When they fail to meet that standard and a breach occurs as a result, they can be held liable through a data breach lawsuit. Victims of the MGO data breach may be entitled to compensation for:

  • Time spent dealing with the breach and its consequences
  • Out-of-pocket costs for credit monitoring, identity protection, and fraud remediation
  • Financial losses directly caused by identity theft or fraud
  • Emotional distress and loss of personal privacy

The central legal question in any MGO data breach lawsuit will be whether the firm maintained adequate cybersecurity protections and responded appropriately once the attack occurred. These are exactly the kinds of questions The Lyon Firm is experienced in investigating and litigating.

Why Hire The Lyon Firm for Your MGO Data Breach Case?

The Lyon Firm has a proven record of representing data breach and ransomware attack victims across the country. We understand the unique harm that flows from the exposure of financial, tax, and medical data, and we know how to investigate whether companies like MGO fell short of their duty to protect client information.

If your information was exposed in the MGO ransomware attack, do not wait. Contact The Lyon Firm today for a free, confidential consultation. 

Frequently Asked Questions

Do I have a case if I received an MGO data breach notice? Receiving a breach notification means your information was potentially exposed. Whether you have a viable claim depends on what data was affected and what harm resulted. Speaking with a data breach attorney is the best way to find out. The Lyon Firm offers free consultations to help you understand your options.

How long do I have to file a data breach lawsuit in Ohio? Statutes of limitations vary depending on the type of claim, but waiting too long can cost you your right to recover. If you received a notice from MGO, you should contact an attorney as soon as possible to preserve your options.

What compensation can I recover in an MGO data breach lawsuit? Victims may recover damages for financial losses, identity theft costs, time spent dealing with the breach, and emotional distress. The specific amount depends on the facts of your individual case.

How much does it cost to hire The Lyon Firm for a data breach case? The Lyon Firm handles data breach cases on a contingency fee basis. You pay nothing upfront and nothing out of pocket unless we win your case.

CONTACT THE LYON FIRM TODAY

Please complete the form below for a FREE consultation.

  • This field is for validation purposes and should be left unchanged.