Houser LLP, a U.S. law firm specializing in serving high-profile financial institutions, disclosed a substantial data breach affecting more than 325,000 individuals. Discovered in May 2023, the breach exposed personal data, potentially including sensitive information such as credit card numbers. In a regulatory filing, Houser LLP revealed that certain files were encrypted during the incident and were copied and taken from the network. The compromised data included names, Social Security numbers, driver’s license numbers, individual tax identification numbers, financial account information, and medical information.
The law firm reported that an unspecified third-party company determined there was “unauthorized access” to Houser’s network between May 7 and May 9. Following the breach, the unauthorized actor informed Houser in June 2023 that they deleted copies of the stolen data and would not distribute any stolen files. Houser LLP completed a comprehensive review with the third-party vendor on January 18 of the following year, initiating the notification process for affected clients and individuals. The firm offered extensive details about cybersecurity measures implemented post-breach, including the deployment of RocketCyber, multi-factor authentication, ransomware detection software, phishing simulation software, and vulnerability assessments. Recipients were also provided with credit monitoring services, and law enforcement has been notified about the incident.
