Data breach at international law firm impacts breach victims’ data

Over 637,000 individuals impacted by data breaches had their personal and sensitive health information compromised once again after a cyberattack against international law firm Orrick, Herrington & Sutcliffe last March, TechCrunch reports. Orrick has disclosed that its systems with data on other cybersecurity incidents have been infiltrated by hackers, who then stole data including names, birthdates, Social Security numbers, credit and debit card numbers, online account credentials, and postal and email addresses, as well as medical treatment and diagnosis details, from the clients of EyeMed Vision Care, Delta Dental, Beacon Health Options, MultiPlan, and the U.S. Small Business Administration. No additional details regarding the compromise have been provided but the total number of impacted individuals was noted to have significantly increased since its initial disclosure. Meanwhile, four class-action lawsuits alleging Orrick's failure to immediately notify affected individuals regarding the breach have already been settled. "We are pleased to reach a settlement well within a year of the incident, which brings this matter to a close, and will continue our ongoing focus on protecting our systems and the information of our clients and our firm," said Orrick in a filing before a San Francisco federal court last month.