Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Legal Services Firm Epiq Hit by Ransomware

Legal services company Epiq has taken its systems offline globally after being hit by a piece of ransomware.

Epiq said on Monday that it detected the malware on its systems on February 29. The company said it had found no evidence that any data was exfiltrated or misused.

Legal services company Epiq has taken its systems offline globally after being hit by a piece of ransomware.

Epiq said on Monday that it detected the malware on its systems on February 29. The company said it had found no evidence that any data was exfiltrated or misused.

“As part of our comprehensive response plan, we immediately took our systems offline globally to contain the threat and began working with a third-party forensic firm to conduct an independent investigation,” Epiq said in a statement.

“Our technical team is working closely with world class third-party experts to address this matter, and bring our systems back online in a secure manner, as quickly as possible,” it added. “Federal law enforcement authorities have also been informed and are involved in the investigation.”

It’s unclear which ransomware was involved in the attack and how many of Epiq’s systems were impacted. SecurityWeek has reached out to the company for additional information and we will update this article if we receive a response.

TechCrunch learned from an Epiq employee that the ransomware affected the company’s entire fleet of computers across its 80 global offices. Employees were reportedly told not to go to their local offices without managerial approval and to avoid connecting any devices to the network.

The company’s website, which is currently offline, includes a data security section where the company claims it has a full-time information security team and highly secure, geographically dispersed data centers to reduce the risk of data exposure. However, TechCrunch’s source said many of the firm’s computers were running old versions of Windows and that nothing was up to date.

Ransomware attacks can cause serious problems for major organizations, and several big companies reported being hit over the past year, including Norwegian metals and energy giant Norsk Hydro, Australian shipping giant Toll, Aircraft parts maker ASCO, Mexican oil company Pemex, and testing services provider Eurofins Scientific.

Advertisement. Scroll to continue reading.

The DHS revealed recently that a piece of ransomware disrupted operations at some natural gas facilities, and an electric utility in Massachusetts informed customers last month that a ransomware infection had disrupted business operations.

Related: New Technique Allows Ransomware to Operate Undetected

Related: Railroad Construction Firm RailWorks Falls Victim to Ransomware

Related: Legislation Would Stiffen Penalties for Ransomware Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.