The Wolf Haldenstein law firm has released an advisory regarding a data breach incident it experienced a couple of years ago. The advisory also reported that the breach on Wolf Haldenstein Adler Freeman & Herz LLP had exposed the personal information of roughly 3.5 million individuals to hackers.
According to reports, the cyber incident occurred on December 13, 2023, but the firm claims that data processing and digital forensic issues caused significant delays in the execution of its investigation.
The law firm issued a data breach alert on its website last week and an item on Maine AG’s data breach portal. Both advisories indicated that the hack compromised approximately 3,445,537 people.
Although the company determined this number of impacted individuals in December last year, it has not discovered contact information for many affected individuals, so notices have not yet been sent.
The Wolf Haldenstein hackers have allegedly accessed personal information.
The Wolf Haldenstein firm’s advisory noted that they suffered the data breach in late 2023, during which hackers accessed personal information on its systems.
Although the legal company claims it has no proof that the disclosed data was exploited, it advises impacted individuals that hackers may have acquired various details, such as full name, social security number (SSN), employee identification number, medical diagnosis, and medical claims information.
Exposure to such information could allow threat actors to execute other cybercriminal activities, such as phishing, fraud, social engineering, and targeted attacks on affected individuals. The predicament was aggravated by the firm’s delayed progress in discovering who was affected and the delay in disclosing this information.
However, the company assures anyone who suspects they are affected that they will be offered complimentary credit monitoring services despite the inability to contact impacted individuals personally.
Furthermore, the law firm advises people, especially the potentially affected ones, to stay vigilant against unsolicited communications and unwanted activities on their accounts. These people should also consider establishing a fraud alert or a security freeze to mitigate the breach’s impact.
The firm has yet to specify if the exposed data belongs to clients, staff, or others whose information was stored on its systems. Therefore, everyone who has executed a transaction with the law firm in any form should be wary of possible exploitation.
