Almeida Law Group is investigating a data breach at Edwards, Faust & Smith. The breach occurred on 2/4/26–5/5/26 and was discovered on 04-30-2026. If you were affected, contact Almeida Law Group.
About Edwards, Faust & Smith
Edwards, Faust & Smith, CPAs is a certified public accounting firm founded in 1991 and based in Bangor, Maine. The firm provides audit and accounting, tax preparation, business consulting, and information technology services to small and mid-size businesses and individuals. Because CPA firms routinely handle tax filings, financial records, and government-issued identification for their clients, the type of information involved in this breach is particularly sensitive.
What Happened?
Edwards, Faust & Smith was listed in a Maine Attorney General data breach filing dated May 27, 2026. The incident was an external system breach caused by hacking. According to the firm’s own breach notice, the attack began with a phishing email disguised as an inquiry from a prospective client. The phishing compromised one firm computer and a remote server. Unauthorized activity was discovered on April 30, 2026, by the firm’s IT provider, and all unauthorized activity was fully mitigated by May 5, 2026. A total of 928 individuals were affected. Consumer notification letters were sent on May 28, 2026.
The information potentially involved includes names, Social Security numbers, taxpayer identification numbers, tax return information, IRS transcripts, financial account information, financial statements, dates of birth, government-issued identification, and client correspondence. The firm did not offer identity theft protection services to affected individuals. No independent media reporting, ransomware group claims, or class action filings related to this breach were identified as of May 28, 2026.
Key Facts at a Glance
- Company or Organization: Edwards, Faust & Smith, CPAs
- Industry: Accounting / CPA Firm (filed as Financial Services with Maine AG)
- Location: 15 Columbia Street, Suite 201, Bangor, ME 04401
- Incident type: External system breach (hacking via phishing)
- Date of breach: February 4, 2026 – May 5, 2026
- Date breach discovered: April 30, 2026
- Date of consumer notification: May 28, 2026
- Total persons affected: 928
- Identity theft protection offered: No
- Source: Maine AG Filing; Edwards, Faust & Smith – About Us
What Should You Do?
If you received a notice from Edwards, Faust & Smith, you should act promptly given the sensitivity of the data involved. Because Social Security numbers, tax return information, and financial account data may have been exposed, consider placing a fraud alert or security freeze on your credit file with all three major credit bureaus—Equifax, Experian, and TransUnion. Review your credit reports at AnnualCreditReport.com and monitor your financial accounts for any suspicious activity. The firm specifically recommends obtaining an IRS Identity Protection PIN (IP PIN), which prevents someone from filing a tax return using your Social Security number or ITIN; you can sign up at irs.gov. If you believe your information has already been misused, visit IdentityTheft.gov for step-by-step recovery guidance.
Your Legal Rights
If your personal information was involved in this breach, you may have legal rights depending on the facts of the incident and the law in your state. Almeida Law Group represents consumers in data breach and privacy litigation and can help you evaluate whether you may have a claim. Contact us at (708) 529-5418 or through our contact page for a free case evaluation.
