E-Discovery Company Casepoint Investigates Data Breach After Files Found On Dark Web

The e-discovery company Casepoint is investigating a data breach after a ransomware gang claimed to have over two terabytes of its data, including attorney files, visa details, information from the U.S. government, “and many other things that you have tried so hard to keep.” The cybersecurity company FalconFeeds.io posted on Twitter that the Russia-linked ALPHV ransomware gang, also known as BlackCat, claimed Casepoint as a victim and posted files on the dark web as a sample of the compromised data. ALPHV #ransomware group has added Case Point (https://t.co/ijWdezKZdF) to their victim list. The provided sample contains visa details, a report, a certificate, etc.#USA #DarkWeb #DeepWeb #CyberRisk pic.twitter.com/dK68LkD9tq — FalconFeedsio (@FalconFeedsio) May 30, 2023 TechCrunch reports that Vishal Rajpara, Casepoint’s cofounder and chief technology officer, confirmed that the company had “activated our incident response protocols” on May 30 and “engaged an external forensic firm to he

Kevin

A person who loves writing, loves novels, and loves life.Seeking objective truth, hoping for world peace, and wishing for a world without wars.
  Law News   Jul 28, 2023  Add to Reading List
E-Discovery Company Casepoint Investigates Data Breach After Files Found On Dark Web

The e-discovery company Casepoint is investigating a data breach after a ransomware gang claimed to have over two terabytes of its data, including attorney files, visa details, information from the U.S. government, “and many other things that you have tried so hard to keep.”

The cybersecurity company FalconFeeds.io posted on Twitter that the Russia-linked ALPHV ransomware gang, also known as BlackCat, claimed Casepoint as a victim and posted files on the dark web as a sample of the compromised data.

ALPHV #ransomware group has added Case Point (https://t.co/ijWdezKZdF) to their victim list. The provided sample contains visa details, a report, a certificate, etc.#USA #DarkWeb #DeepWeb #CyberRisk pic.twitter.com/dK68LkD9tq

— FalconFeedsio (@FalconFeedsio) May 30, 2023

TechCrunch reports that Vishal Rajpara, Casepoint’s cofounder and chief technology officer, confirmed that the company had “activated our incident response protocols” on May 30 and “engaged an external forensic firm to help us investigate a potential incident.”

Casepoint’s clients include the U.S. Courts, the U.S. Securities and Exchange Commission, the U.S. Department of Defense, the Marriott hotel chain, and the Mayo Clinic, according to TechCrunch and other reports.

Jamie Boote, associate software security consultant at Synopsys Software Integrity Group, said a lot could be at risk if discovery documents are exposed.

“Discovery platforms—as in eDiscovery—hold all sorts of confidential and attorney-client privilege documents that could be the subject of active litigation,” Boote said. “If these documents got out, they could provide unfair edges to opposing counsels that could tip potential millions of dollars in awarded judgments or settlements, or cause mistrials if criminal prosecutors used the platform for their discovery purposes.”

The TechCrunch report said it had seen samples of the exfiltrated data that included sensitive health information from a Georgia hospital, a legal document, a government-issued ID, and an internal document allegedly issued by the FBI.

Casepoint says it was the first cloud e-discovery platform to achieve both FedRAMP and StateRAMP authorization and that it “continues to meet rigorous security requirements.”

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow

Tags