Law firm Berman & Rabin is notifying roughly 152,000 individuals that their personal information was compromised in a July 2024 ransomware attack.
On July 8, the company said in a notification letter to the impacted individuals, Berman & Rabin identified suspicious activity on its systems, which included the encryption of certain data.
The law firm determined that the threat actor behind the attack had access to its network between July 5 and July 8, and that they accessed certain systems and exfiltrated data from them.
In October, Berman & Rabin determined that personal information such as names, Social Security numbers, and financial information was impacted in the incident.
“Although there is no evidence that any personal information has been misused, Berman & Rabin is providing notice to potentially impacted individuals in an abundance of caution,” the firm said in a filing with the Maine Attorney General’s Office.
This week, Berman & Rabin started sending written notifications to 151,944 individuals who might have been affected, and is providing them with one year of free credit monitoring services and identity restoration services.
Additionally, the company is providing the impacted individuals with guidance on how to place fraud alerts and security freezes on their credit files, and is notifying the relevant authorities and major credit reporting agencies of the incident.
Berman & Rabin has shared no information on the file-encrypting ransomware used in the attack and no known ransomware group has claimed responsibility for the incident, which could indicate that a ransom was paid.
SecurityWeek has contacted the law firm for clarification on the matter and will update this article as soon as a response arrives.
Headquartered in Overland Park, Kansas, and employing over 140 people, Berman & Rabin specializes in debt collection and creditor rights, providing creditor-specific legal services to financial institutions, businesses, and lenders.
Related: Smiths Group Scrambling to Restore Systems Following Cyberattack
Related: ENGlobal Says Personal Information Accessed in Ransomware Attack
