Law firms using case management software from TrialWorks found themselves unable to access their legal documents after the third-party service provider was hit with a ransomware attack earlier this month.
The Coral Gables, Florida-based company, which serves roughly 2,500 clients, was attacked back on Oct. 13, but reports of the incident only began to surface this week. According to a BleepingComputer report, TrialWorks did not acknowledge the attack in a public announcement, but did notify customers via email and assured them it was "actively decrypting and restoring data," which suggests the ransom was paid.
TrialWorks was one of 13 managed service providers or cloud-based service providers known to be hit by ransomware in 2019, causing disruptions to their respective customer bases, researchers with Armor revealed in a newly released report.
Among those 13 are SchoolinSites, a cloud-based education solutions provider; MetroList, which provides listing services to real estate brokers and agents; CorVel, a risk management solutions company serving the worker's compensation, auto, health and disability management industries; and BillTrust, a B2B order-to-cash solutions provider.
"This uptick in successful ransomware attacks against MSPs and/or cloud-based service providers is a harsh reminder that organizations have to ensure that the third-party vendors they do business with are as equally protected against the current and emerging cyber threats, as they are," said Chris Hinkley, Head of Armor's Threat Resistance Unit (TRU) research team. "This is especially true, because as we have seen, a successful ransomware attack against a MSP/cloud-based service provider can be debilitating to their customers, as well as to their own company, as the attack can quickly shut down key systems which the customers depend on to run their organization."
"And of course, a ransomware attack against an MSP can be fatal, putting a MSP out of business," Hinkley added, citing PM Consultants, an IT consulting firm and support provider for dental practices that closed down last July after being crippled by ransomware.