Law firm reports data breach affecting more than 325,000 people

Houser LLP, a U.S. law firm that specializes in serving high-profile financial institutions, said a system breach discovered in May 2023 exposed the personal data — possibly including sensitive information such as credit card numbers — of more than 325,000 people.

In a regulatory filing posted Wednesday by Maine’s attorney general, the company said certain files were encrypted during the incident and were “copied and taken from the network.”

The data included names “and one or more of Social Security number, driver’s license number, individual tax identification number, financial account information, and medical information,” Houser said. The firm also filed a notification with California’s attorney general.

An unspecified third-party company later determined that there was “unauthorized access” to Houser’s network between May 7 and May 9, the firm said.

The regulatory filing said Houser had contact with the attackers soon afterward, but it does not explain the nature of the communication. Recorded Future News has reached out to the firm for more information.

At some point in June 2023, “the unauthorized actor informed Houser that they deleted copies of any stolen data and would not distribute any stolen files,” the firm said.

The third-party vendor completed its review on January 18 of this year, the filing said.

“Upon receipt of this file, Houser began notifying its clients of the investigation and findings and offered to mail letters to potentially impacted individuals on behalf of these clients,” the firm said.

Houser has about a dozen offices nationwide with the goal of serving clients in “every major financial center.” Its specialties include litigation management, commercial and real estate law, class action defenses and regulatory compliance. The firm’s partners tout work for institutions such as Citibank, Deutsche Bank and HSBC.

In its letter to people potentially affected by the breach, the firm offered extensive details about the cybersecurity measures it took afterward.

“These additional safeguards include, but are not limited to, deployment of RocketCyber, an endpoint detection and response tool. We also implemented multi-factor authentication for Outlook 365, Net Extender VPN tunnel and remote desktop connection,” Houser said. “We also added ransomware detection software, implemented the use of phishing simulation software and conducted vulnerability assessment and penetration testing.”

Recipients have been offered credit monitoring services, and law enforcement has been notified about the incident, Houser said.