Atlanta law firm says hackers stole the data of about 140,000 clients

Atlanta, Georgia-based law firm Montlick & Associates said that the data security incident it suffered earlier this year compromised the sensitive personal information of almost 140,000 individuals.

 

In a filing with the Office of Maine Attorney General, Montlick & Associates said that on September 2, it identified suspicious activity in its internal network. The law firm immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

“The investigation determined that certain portions of Montlick’s network were accessed between August 15, 2024 and August 27, 2024, and, during that time frame, certain files were copied without authorisation,” the firm said.

 

A comprehensive review of the compromised files revealed that the sensitive personal information of its clients was accessed during the incident. The compromised data included name and other personal identifiers, and medical information including treatment and diagnosis data.

 

The firm’s filing with the Maine state regulator also revealed that at least 138,515 individuals were impacted as a result of the cyber security incident.

 

“In response to this matter, we dedicated significant resources to confirming the security of our network, conducting a comprehensive investigation, and completing a detailed review of the relevant files. We then worked to provide notice to potentially affected individuals as quickly as possible.

 

“As part of our ongoing commitment to the security of information in our care, we are also reviewing our existing policies and procedures and enhancing our existing security tools,” Montlick added.

 

While the law firm found no evidence of the compromised information being misused, it has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and state attorney general.

 

It has also offered one year of complimentary identity protection and credit monitoring services through Equifax to all affected individuals.