NEW ORLEANS (WVUE) – The Archdiocese of New Orleans is raising concerns about compromised personal information following a ransomware attack that may have exposed data on clergy sex abuse survivors and people connected to local Catholic schools.
The issue came to light during a May 1 federal court status hearing in the archdiocese’s ongoing bankruptcy case, now in its fifth year. Attorneys representing approximately 600 survivors of alleged clergy sex abuse revealed the data breach involved a consulting firm assisting their side of the negotiations.
That firm, Berkeley Research Group (BRG), was the target of a ransomware attack discovered in early March. According to court testimony, hackers potentially extracted sensitive data, including information tied to abuse claims, and BRG paid a ransom to prevent the stolen information from being published.
Dr. Kenneth Williams, director of the cybersecurity program at Southern University at New Orleans, criticized the decision to pay.
“If you pay the ransom, you’ll find more individuals to do it. So, stop it essentially. Don’t pay it,” Williams said.
Court statements also revealed concern that hackers may have accessed data from the Archdiocese’s accounts payable system — including information related to employees, teachers, students, and parents in the Catholic school system. Attorneys on both sides admitted they don’t know how much data was stolen, but extra precautions and steps have been taken to increase cybersecurity.
The attorney for BRG told the court hackers gave assurances the data was deleted and would not be shared, and they’re monitoring of the dark web has not found traces of sensitive information being shared on that particular platform.
Dr. Williams says the BRG is relying on criminals to keep their word.
“My information, if I’m the hacker, is obfuscated. You don’t know who I am. So, I could release it without anyone even knowing who I am,” Williams said. “They can release that information even after someone pays the ransom.”
RELATED STORIES
- Archdiocese plans to sell apartment buildings, impacting over 1,000 residents
- End of an Era: Archdiocese of New Orleans to end print edition of The Clarion Herald
A spokesperson for the FBI could not confirm or deny an investigation into the ransomware attack. BRG declined to comment on the data breach and sent the following statement.
“BRG continues working diligently to investigate the cybersecurity incident and notify all potentially affected clients. We recognize the trust our clients place in us to protect their data and we take this responsibility extremely seriously. We are working with experienced cybersecurity professionals to further strengthen our security and privacy practices moving forward.”
A spokesperson for the Archdiocese of New Orleans deferred comment to BRG and the survivors’ collective, but added the data breach is “gravely concerning to us.”
See a spelling or grammar error in our story? Click Here to report it. Please include the headline.
Subscribe to the Fox 8 YouTube channel.
Copyright 2025 WVUE. All rights reserved.