Orrick, Herrington & Sutcliffe, a law firm that specializes in cyberattacks, last week disclosed that more than 600,000 individuals were impacted by a data breach that happened in early 2023.
Between February 28 and March 13, 2023, the company said attackers had unauthorized access to a portion of its network, including a file share storing files related to Orrick's clients.
Orrick said its analysis of the exposed files determined that personal information pertaining to the customers of its clients was compromised in the attack, and that notification letters were sent to the impacted individuals starting June 2023.
Some of these individuals, the law firm said, were customers of companies that suffered data breaches.
Their information was shared with Orrick to facilitate the provision of legal counseling to those companies.
The compromised personal information includes names, addresses, dates of birth, Social Security numbers, driver's license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Orrick informed the Maine AGO that the incident impacted close to 638,000 individuals, customers of entities such as Carelon, Delta Dental, EyeMed Vision Care, MultiPlan, and US Small Business Administration.
In December, the law firm said it had reached a tentative settlement in four class action suits related to the data breach, Reuters reported.
Founded in San Francisco in 1863, Orrick provides counseling on transactions, litigation, and regulatory matters for financial, government, infrastructure, technology, and other types of organizations.
This Cyber News was published on www.securityweek.com. Publication date: Fri, 05 Jan 2024 16:43:03 +0000