Casepoint Inc., a legal discovery technology company that provides services to the U.S. Securities and Exchange Commission, the Department of Agricultural and various courts, is investigating a data breach after the BlackCat/ALPHV ransomware group claimed to have hacked them.
BlackCat claimed on their hacking site on May 30 that they had obtained over 2 TB of data from Casepoint, including attorney files and “many other things that you have tried to hard to keep.” The group asked the company to “get in touch, or we’ll start posting your data on our blog soon.”
According to TechCrunch, the company launched its incident response protocols the same day that BlackCat made its claim and engaged an external forensic firm to investigate what Casepoint calls a “potential incident.” The company’s services have not been disrupted.
The lack of disruption to services may indicate that ransomware was not involved in the attack and may have been a far more straightforward case of data theft – not that it will mean much to Casepoint’s customers if their information has been stolen. It would not be surprising if it were a simple case of data theft, either. Traditional ransomware groups, having originally shifted to “double tap” ransomware attacks where they encrypt files and steal data, have recently abandoned the encryption part as the extortion value proposition in 2023 is threatening to publish stolen data if a ransom is not paid.
BlackCat/ALPHV was previously in the news in April when they targeted retail point-of-sale and automatic teller machine technology company NCR Corp. The attack on NCR did involve ransomware, with NCR suffering a service outage as a result.
“Discovery platforms – as in eDiscovery – hold all sorts of confidential and attorney-client privilege documents that could be the subject of active litigation,” Jamie Boote, an associate software security consultant at Synopsys Software Integrity Group, told SiliconANGLE. “If these documents got out, they could provide unfair edges to opposing counsels that could tip potential millions of dollars in awarded judgments or settlements, or cause mistrials if criminal prosecutors used the platform for their discovery purposes.”
Your vote of support is important to us and it helps us keep the content FREE.
One-click below supports our mission to provide free, deep and relevant content.
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.