[BreachExchange] Ransomware hit TrialWorks, law firms and lawyers were not able to access court documents

Destry Winant destry at riskbasedsecurity.com
Tue Oct 29 10:01:40 EDT 2019 

https://securityaffairs.co/wordpress/93040/malware/trialworks-ransomware-attack.html

TrialWorks, one of the most established providers of legal case
management software for law firms and attorneys, was hit by
ransomware.

TrialWorks, a company that provides the most established and widely
used legal case management software solutions, was a victim of a
ransomware attack earlier this month.

At result of the attack, law firms and lawyers, were not able to
access the legal documents hosted on TrialWorks’ platform.

On October 13, the company notified its customers of a hosting service
outage at their data center.

The day after the company sent to its customers informing them of a
security incident caused by ransomware.

“Thank you for your continued patience as we have worked tirelessly to
restore access to your data following the ransomware incident
TrialWorks experienced,” reads the email.

The company hired several cyber security firms that will help it in
investigating the incident and restore normal operations.

On October 15, TrialWorks announced that the threat was completely
eradicated from its systems and its staff was “actively decrypting and
restoring data.” The announcement suggests that the company obtained
in some way the decryption keys to restore the files, likely after
paying the ransom.

At the time of writing it is not clear how the ransomware infected the
company and which is the family of ransomware involved in the security
incident.

The incident had a significant impact on the TrialWorks’s customers,
some of them were forced to request the courts to extend the deadline
for providing case documents.

The incident was also reported by the Miami Herald that confirmed that
a ransomware attack blocked operations of some law firms in the
state.2

“Reams of digital legal documents have been held hostage under a
ransomware threat to a South Florida software company that manages
electronic records for thousands of law firms nationwide, the Miami
Herald has learned.” states the Miami Herald.

“TrialWorks acknowledged it “was recently targeted by a ransomware
incident that did not affect our software but did prevent
approximately 5 percent of our customers … from accessing their
accounts.””

At the time of writing, the company restored access to the documents
for its customers.

“We are not the first, nor will we be the last organization in our
industry to be the target of one of these attacks. However, we have
learned from this experience and are committed to expend all the
resources required to both address this issue head-on and mitigate the
chance of a recurrence.” said Patrice Gimenez, TrialWorks Chief
Customer Advocate.

More information about the BreachExchange mailing list