Massive Data Breach Exposes Orrick Law Firm’s Clients

Massive Data Breach Exposes Orrick Law Firms Clients


The recent data breach at Orrick, Herrington & Sutcliffe has sent shockwaves through the legal community, exposing the personal information of over 600,000 individuals. This unfortunate incident, which took place between February 28 and March 13, 2023, has raised serious concerns about the security measures employed by prominent law firms.

The compromised data includes sensitive details such as names, addresses, Social Security numbers, and financial account information, leaving victims vulnerable to potential identity theft and fraud.

Key Takeaways

  • Orrick, Herrington & Sutcliffe experienced a significant data breach that impacted over 600,000 individuals.
  • The breach occurred between February 28 and March 13, 2023, with attackers gaining unauthorized access to a portion of Orrick’s network.
  • Personal information compromised in the breach included names, addresses, Social Security numbers, financial account details, and additional data such as driver’s license or government ID numbers, passport numbers, and email addresses.
  • The affected individuals were primarily customers of Orrick’s clients, including companies like Carelon, Delta Dental, EyeMed Vision Care, MultiPlan, and the US Small Business Administration.

Scope of the Orrick Data Breach

cybersecurity summit

The extent of the Orrick data breach encompassed a significant number of individuals and a wide range of compromised personal information, raising concerns about the potential impact on affected parties. Orrick, Herrington & Sutcliffe disclosed that over 600,000 individuals were impacted by the breach, which occurred between February 28 and March 13, 2023.

The unauthorized access to a portion of Orrick’s network resulted in the compromise of various personal details, including names, addresses, Social Security numbers, financial account details, and more. This breach also exposed other sensitive information such as drivers license or government ID numbers, passport numbers, email addresses, tax identification numbers, and medical and health information. Additionally, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers were compromised.

READ  Mother of All Data Breaches: Data Leak Reveals 26 Billion Account Records Stolen From Twitter, LinkedIn

Despite the breach, Orrick has not detected any misuse of the affected personal information.

Compromised Personal Information

cyber security services company

The data breach at Orrick Law Firm resulted in the compromise of a wide range of personal information, including names, addresses, and Social Security numbers. In addition to these details, other compromised data includes dates of birth, drivers license or government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, and medical and health information.

Furthermore, the breach exposed health insurance and healthcare provider details, online account credentials, and credit or debit card numbers. It is important to note that Orrick is not aware of any misuse of the affected personal information at this time.

The compromised personal information belonged to customers of Orrick’s clients, some of whom were also affected by previous data breaches. Orrick has taken steps to strengthen network security and has reached a tentative settlement in four class action suits related to the breach.

Impact on Affected Individuals

cisco cybersecurity

Impacted individuals of the data breach at Orrick Law Firm faced potential consequences due to the exposure of their personal information. The compromised personal information belonged to customers of Orrick’s clients, including Carelon, Delta Dental, EyeMed Vision Care, MultiPlan, and the US Small Business Administration. Some of these individuals were already customers of companies that had previously suffered data breaches. Orrick obtained their information to provide legal counseling to those companies.

The impacted individuals were notified through letters starting in June 2023. While Orrick is not aware of any misuse of the affected personal information, the exposure of sensitive data such as names, addresses, Social Security numbers, and financial account details puts these individuals at risk of identity theft, fraud, and other potential harm.

READ  MongoDB Confirms Customer Data Exposed in Cyberattack

Orrick’s Response and Settlement

confidentiality in cyber security

Orrick Law Firm responded swiftly to the data breach, implementing additional security measures and reaching a tentative settlement in class action suits. In an effort to enhance network security, Orrick deployed additional security measures and tools, with guidance from third-party experts. These measures were aimed at strengthening the firm’s network infrastructure and preventing future unauthorized access.

Furthermore, Orrick took the necessary steps to address the legal implications of the breach by reaching a tentative settlement in four class action suits related to the incident. The settlement, which was reported in December, demonstrates the law firm’s commitment to resolving the matter and mitigating the impact on affected individuals. With its expertise in counseling on transactions, litigation, and regulatory matters, Orrick continues to prioritize the security and protection of its clients’ information.

Frequently Asked Questions

How Did the Attackers Gain Unauthorized Access to Orrick’s Network?

The attackers gained unauthorized access to Orrick’s network through an as-yet-unknown method. The breach occurred between February 28 and March 13, 2023, and compromised personal information of over 600,000 individuals, including names, addresses, and Social Security numbers.

Are There Any Specific Industries or Sectors That the Impacted Individuals Belong To?

The impacted individuals belong to various industries and sectors, including healthcare (Carelon, Delta Dental, EyeMed Vision Care), insurance (MultiPlan), and small businesses (US Small Business Administration).

Was Any Financial Loss Reported as a Result of the Data Breach?

No financial loss has been reported as a result of the data breach at Orrick Law Firm. However, the compromised personal information included financial account details, and affected individuals are advised to monitor their accounts for any unauthorized activity.

READ  Norton Healthcare says 2.5 million people 'potentially' impacted by ransomware attack

How Did Orrick Notify the Affected Individuals About the Data Breach?

Orrick Law Firm notified the affected individuals about the data breach through letters, starting in June 2023. The breach impacted customers of companies such as Carelon, Delta Dental, EyeMed Vision Care, MultiPlan, and US Small Business Administration.

What Measures Did Orrick Take to Prevent Similar Data Breaches in the Future?

To prevent similar data breaches in the future, Orrick Law Firm implemented additional security measures and tools on their network. They sought guidance from third-party experts and reached a tentative settlement in four class action suits related to the breach.

Read Get Hitch for all your AI, VPN, tech and cyber security news and information

 

You May Also Like