DocketWise data breach impacted more than 116,000 individuals

A major cyber attack on DocketWise, a case management platform used by immigration attorneys in the US, led to the breach of the personal information of more than 116,000 immigration applicants.

 

DocketWise said the data security incident came to light when it discovered in October that credentials for one of its third party repositories had been accessed by unauthorised third parties. The company immediately launched a forensic investigation into the incident with help from third party cyber security experts to determine the nature and scope of the unauthorised intrusion.

 

The investigation revealed that malicious actors had used valid credentials to gain access to repositories owned by a number of immigration law firms. The threat actors promptly cloned the repositories, some of which were used as a data migration pipeline to the DOcketWise application that contained law firm records and personal information.

 

The forensic investigation also determined that the stolen information was not leaked on the dark web, nor was it used to threaten or extort immigration law firms in the US. DocketWise reported the data security incident to the FBI.

 

After the forensic examination concluded, the company launched another in-depth investigation with help from a data analytics company to identify the type of personal information potentially impacted, determine the individuals whose data was compromised, and to further access the nature of the compromised data.

 

"Following the review, DocketWise determined that certain personal information belonging to clients of a small portion of its law firm customers was subject to unauthorised acquisition," DocketWise said. "DocketWise moved swiftly to notify affected law firm customers of the potential impact to certain of their clients and coordinated closely with its affected law firm customers to ensure the information pertaining to the respective law firms was accurate."

 

DocketWise informed the office of the Attorney General of Maine that the data security incident compromised the personal information of as many as 116,666 individuals. The compromised information included names, addresses, Social Security numbers, dates of birth, driver’s licence numbers, passport numbers, bank account numbers, banking credentials, government identification numbers, tax identification numbers, health insurance policy numbers, medical condition or treatment information, and username and access information for a non-financial account.

 

"DocketWise is committed to and takes very seriously its responsibility to protect all data entrusted to it. As part of the ongoing commitment to the privacy of personal information in the care, of DocketWise, the company implemented additional measures to further enhance its cybersecurity posture and is reviewing existing policies to further protect against similar incidents moving forward," the company added.

 

The company is providing two years of complimentary credit monitoring and identity restoration services to all individuals impacted by the data security incident and is offering guidance on how to protect against identity theft and fraud, including advising individuals to report any suspected identity theft or fraud to their financial institutions.