B. Riley Financial, Inc Discloses Material Cybersecurity Incident (SEC 8-K)
  On April 5, 2024, Targus International, LLC and certain affiliates (collectively, "Targus"), each of which is an indirect subsidiary of B. Riley Financial, Inc. (the "Company"), discovered that a threat actor gained unauthorized access to certain of Targus' file systems. Upon discovery and with assistance from external cybersecurity counsel and consultants, Targus immediately activated its incident response and business continuity protocols to investigate, contain and remediate the incident. Through this process, proactive containment measures to disrupt unauthorized access resulted in
On April 5, 2024, B. Riley Financial, Inc. filed an SEC 8-K disclosing that a threat actor had gained unauthorized access to certain file systems belonging to its indirect subsidiary Targus International, LLC and affiliates. The filing marks the first public notification of the incident, which Targus discovered on the same day. Anyone whose personal or business documents were stored on those systems may now face long-term exposure.
Details from the SEC Filing
The SEC 8-K Item 1.05 states that on April 5, 2024, Targus identified unauthorized access to portions of its file systems. The company immediately engaged external cybersecurity counsel and consultants, activated incident response and business continuity protocols, and implemented proactive containment measures that disrupted the unauthorized access. The disclosure does not specify the volume of data involved, the exact data types accessed, or whether any information was exfiltrated. It also does not name the threat actor or confirm any ransom demand.
April 5, 2024 remains the sole date tied to both discovery and public disclosure. The filing frames the event as a “material cybersecurity incident” under SEC rules, obligating the parent company to report it to investors.
Why This Matters for You and Your Family
When a company that handles logistics, warranties, or consumer-product support suffers a breach, the files on its systems often contain names, addresses, contact details, purchase records, and sometimes scanned documents provided by customers. Even if the exact contents remain unknown, the unauthorized file-system access creates a realistic risk that information tied to you or your family has been viewed or copied. Once that data leaves a corporate environment it can appear on dark-web markets, ransomware leak sites, or private extortion lists months later.
Ordinary families who bought laptop bags, phone cases, or other Targus products and registered them for warranty support may have their details caught in this incident. The same risk applies to small businesses that interacted with Targus as a vendor. Without clear visibility into what was taken, the safest assumption is that any information you ever gave them could now be in unauthorized hands.
Doxxing and Identity-Chain Risks
File-system breaches rarely stop at one dataset. Threat actors routinely chain exposed customer records with usernames, email addresses, or phone numbers already circulating from earlier leaks. A single address or warranty claim can link your work identity, children’s school-related accounts, and family gaming profiles. These connections allow attackers to build detailed dossiers used for spear-phishing, SIM-swapping, or targeted extortion.
Credential reuse across services turns this incident into a gateway for account takeovers. If you reused a password listed in the Targus environment, criminals who obtain even partial data can test it against email, banking, or social-media accounts. Gaming accounts belonging to children are especially vulnerable because they often share the same household email or phone number, creating a direct path from corporate breach to family doxxing.
What to Do
- Run a DoxxScan to map every link between your handles, emails, phone numbers, and real identity, then use the no-subscription cleanup of Warden to remove what you can.
- Rotate any password you ever used on Targus-related sites or services and enable 2FA through an authenticator app rather than SMS.
- Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next exposure surfaces in hours instead of months.
- Cover the entire household with DoxxScan family protection, which includes dependents and children’s gaming accounts that often chain back to the same address or parent email.
- Let remediation specialists handle ongoing takedown requests for any personal records that surface on data-broker or extortion sites.
The incident underscores that even well-known subsidiaries can become entry points for threat actors, and families rarely learn about the exposure until it is too late. A forward-looking approach means treating every corporate breach as a personal one and acting before the data appears for sale. Start your DoxxScan trial and combine its continuous monitoring, AI-powered identity-chain mapping, and hands-on specialist remediation to protect yourself and your family today.
Related breaches
Cybersecurity firm Trellix discloses source code repository breach
Trellix revealed that attackers gained unauthorized access to a portion of its source code repositor…
Brightspeed Fiber Broadband Incident — January 2026
Crimson Collective ransomware group allegedly stole personal data of over 1 million Brightspeed cust…
DOCTUS USA Inc Listed by Deadlock Ransomware Group
Doctus offers top-tier medical records services in the USA, specializing in the management and organ…
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →