CT: Wiggin and Dana law firm discloses ransomware attack
A Connecticut law firm is disclosing a breach that is still under investigation. The firm claims that it was in July that they received confirmation of data access. They do not reveal when the attack actually occurred or when it was first detected. DataBreaches.net has written to the firm to ask for clarification on the time frame and to inquire which group of threat actors may have been involved in this attack. This post will be updated if a response is received.
WESTPORT, Conn., Oct. 22, 2021 /PRNewswire/ — Wiggin and Dana LLP (“Wiggin and Dana”) recently experienced a security incident that affected their network systems. Wiggin and Dana engaged leading third-party cyber-forensic specialists to assist in the investigation to determine the full nature and scope of the incident. Wiggin and Dana, with the assistance of the forensic specialists, also conducted a thorough and time-consuming review to identify any information that may have been accessed during this event. Unfortunately, on July 20, 2021, Wiggin and Dana received confirmation that certain files stored within their environment may have been accessed.
While the investigation was able to determine that certain systems were accessed, Wiggin and Dana was unable to determine all of the sensitive information that was actually accessed or acquired by the unauthorized actor. Therefore, in an abundance of caution, Wiggin and Dana is providing notice of this incident and conducting a review of the contents of the impacted systems that may contain sensitive information. Although this review is still in progress, Wiggin and Dana is providing notice because the investigation confirmed that the following types of information may have been present in the affected systems at the time of the incident: name, date of birth, Social Security number, financial account information, medical/diagnosis/treatment information, and/or government issued identification numbers.
Read more on PRNewswire