Orrick, Herrington & Sutcliffe, a San Francisco-based law firm that specializes in cyberattack and data breach legal counsel, experienced a data breach of their own in early 2023, prompting legal repercussions and several class-action lawsuits.
The cyberattack exposed over 637,000 victims with vision and dental plans, including insurance giants EyeMed Vision Care and Delta Dental of California. Personal information, medical details, online account credentials, and financial data were stolen as a result.
Why it matters: The breach underscores the vulnerability of even cybersecurity-focused entities. This attack not only affected Orrick’s direct clients but also individuals associated with other companies that had previously suffered data breaches and sought Orrick’s counsel.
- The intrusion into Orrick’s network was first detected on February 28, 2023, and officially reported on March 13, 2023. Following the discovery, Orrick promptly began notifying affected individuals through written notifications in September and November 2023.
- Since detecting the security incident, Orrick reported that there had been no evidence of further unauthorized activity on their network.
- Clients and businesses may question the ability of even expert entities to safeguard sensitive information, potentially leading to a broader reevaluation of cybersecurity practices across various sectors.
Go Deeper –> Orrick, Herrington & Sutcliffe, a law firm that handles data breaches was hit by data breach – Tech Startups
Law firm that handles data breaches was hit by data breach – Tech Crunch