Brown, Gruttadaro, & Prato PLLC, a law firm based in Rochester, NY, has confirmed a data breach that affected 520 individuals, including one resident from Maine. The breach occurred on January 24, 2024, but was only discovered on October 22, 2024. The firm reported that the breach was the result of an external system hack, and it is believed that the compromised data included personal identifiers such as names.
In response to the breach, the law firm has implemented several measures to address the incident and protect affected individuals. Notifications were sent to those impacted by the breach, with written notices distributed on December 4, 2024. The firm has also worked closely with a third-party provider, IDX, a ZeroFox company, to offer identity theft protection services for 12 months.
The law firm’s actions are in compliance with legal requirements, ensuring that impacted individuals are informed of the breach and provided with protection against potential misuse of their personal information. Brown, Gruttadaro, & Prato PLLC has also committed to reviewing its security protocols to prevent similar breaches in the future.
Though the breach primarily affected 520 individuals, the law firm is taking proactive steps to ensure that any further risks are mitigated. By offering identity theft protection and taking responsibility for the breach, the firm aims to minimize harm to those affected and restore trust in its services. The breach highlights the importance of robust cybersecurity measures for businesses handling sensitive information.
Reference:
