Law firm Fox Rothschild hit with class action over data breach

U.S. law firm Fox Rothschild was sued on Tuesday in a proposed class action lawsuit for allegedly failing to safeguard sensitive personal data and allowing hackers to access people's names and Social Security numbers in a data breach in May. The lawsuit alleges that the data breach was carried out by the Silent Ransom Group, which has been targeting law firms since 2023, according to the FBI. The suit was brought by Jasmine Trotter, a Georgia resident who said Fox Rothschild possessed her personal information in connection with an unspecified legal case. Trotter alleged that Fox Rothschild did not issue a notice about the data breach and failed to use reasonable procedures to keep her data secure. Mark McCreary, Fox Rothschild's chief AI & information security officer, stated in a press release that the firm is continuing to investigate the breach and will provide notice as required by applicable law. McCreary said one attorney at the firm was "the victim of a sophisticated social engineering event" and that the breach was limited to a single device. The firm's data security practices "limited the potential scope of this event," McCreary said. Law firms have faced mounting lawsuits stemming from hacking incidents. Some, including Gunster Yoakley & Stewart, Orrick Herrington & Sutcliffe, and Bryan Cave Leighton Paisner, have reached settlements in recent years. Silent Ransom Group claimed responsibility earlier this year for hacking Jones Day, a major law firm that represented President Donald Trump in his 2016 and 2020 election campaigns.

(Source：Reuters)