Kearney & Company

Kearney & Company is a certified public accounting firm headquartered in the United States, specializing in financial audit and consulting services with a distinct focus on government clients. The firm provides core professional services including financial statement audits, regulatory compliance reviews, and advisory consulting, primarily serving federal, state, and local government entities as well as organizations that contract with the public sector. Its operational scope is defined by this government-centric market, requiring deep expertise in public sector accounting standards, federal acquisition regulations, and the stringent oversight environments characteristic of government-funded programs. The firm's work involves handling highly sensitive data, including financial documents, contracts, audit reports, and billing records, which are critical to the operational integrity and transparency of its government clients. This positioning places Kearney & Company within the specialized segment of the accounting industry that supports public sector accountability and financial management.

The firm's distinguishing attribute is its specialized role as a trusted provider for government agencies, a position that necessitates rigorous security protocols due to the nature of the data it accesses and the criticality of its clients' missions. This specialization inherently involves navigating complex regulatory frameworks and maintaining the highest levels of data confidentiality. The November 2022 ransomware incident involving the LockBit 3.0 group explicitly demonstrates the high-value target status conferred by this government-focused practice. The attackers exfiltrated sensitive client data, including financial documents and audit reports, and demanded a multi-million dollar ransom, highlighting the direct operational and reputational risks associated with safeguarding public sector information. This event underscores the firm's exposure to sophisticated cyber threats precisely because of its portfolio of government contracts and the critical data it processes. No information is provided regarding the firm's ownership structure, parent companies, or specific quantitative metrics such as employee count or annual revenue, so these aspects are not included. The incident remains a key reference point for understanding the cybersecurity threat landscape faced by specialized government contractors in the professional services sector.