Trialworks Attack Locks Out 5% of Clients
Trialworks, a South Florida software company that manages electronic records for thousands of law firms nationwide, fell victim to a ransomware attack in mid-October that restricted access to over five percent of their customers. At least one of the affected firms has been unable to access their records for over two weeks now. According to the Miami Herald, a Florida law firm was forced to request more time to meet a filing deadline in a gender-discrimination employment case in federal court on Thursday because it could not access its electronic documents stored with TrialWorks. Luckily, an extension was granted.
Though the company appears to have hired a cybersecurity consulting firm to assist in recovery efforts, it remains unclear whether TrialWorks paid the requested ransom or not, or whether the company employed a managed security services provider (MSSP) for risk mitigation, data security protection, and/or business continuity services. The company did report that they have not contacted federal authorities, but plan to share their findings from their own internal investigation. Initial court records show that Trialworks began alerting its customers to a possible security breach that was initially thought to be a result of a Microsoft service outage. The company cited the “ransomware incident” in at least one correspondence with at least one law firm, but did not provide further details.
The Trialworks attack again brings to the national spotlight the growing trend of ransomware attacks aimed at the massive quantities of protected digital information in cloud storage systems. Now is the time for providers of cloud services (and their customers) to become hyper-vigilant of security procedures and data protection.