/

Orrick Data Breach: What & How It Happened?

Orrick Data Breach: What & How It Happened?

Twingate Team

Jun 14, 2024

In March 2023, Orrick, Herrington & Sutcliffe, a law firm, faced a data breach impacting a large number of individuals. The exposed data included sensitive information. The firm has agreed to an $8 million settlement to address claims from those affected, while denying any liability or wrongdoing.

How many accounts were compromised?

The breach impacted data related to approximately 638,000 individuals.

What data was leaked?

The data exposed in the breach included names, addresses, email addresses, dates of birth, Social Security numbers, driver's license numbers, passport numbers, financial account information, credit or debit card numbers, tax ID numbers, medical treatment or diagnosis information, insurance claims information, health insurance ID numbers, healthcare providers, medical record numbers, and account credentials.

How was Orrick hacked?

The breach at Orrick, Herrington & Sutcliffe occurred when hackers accessed sensitive personal and health data of over 637,000 individuals from a file share on the law firm's network. The exact method of infiltration remains unclear, as the available sources do not provide specific details on how the hackers gained access to the system.

Orrick's solution

In response to the hack, Orrick deployed additional security measures and tools with the guidance of third-party experts to strengthen the ongoing security of its network. The law firm expressed regret for the inconvenience caused by the breach and offered identity monitoring to the data breach victims. Although the exact method of infiltration remains unclear, Orrick has taken steps to enhance its security and prevent future incidents.

How do I know if I was affected?

Orrick has not explicitly mentioned reaching out to affected users in the provided information. However, if you believe you may have been affected by the breach, you can visit HaveIBeenPwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for any accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized transactions or changes immediately.

For more specific help and instructions related to Orrick's data breach, please contact Orrick's support directly.

Where can I go to learn more?

If you want to find more information on the Orrick data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

Orrick Data Breach: What & How It Happened?

Orrick Data Breach: What & How It Happened?

Twingate Team

Jun 14, 2024

In March 2023, Orrick, Herrington & Sutcliffe, a law firm, faced a data breach impacting a large number of individuals. The exposed data included sensitive information. The firm has agreed to an $8 million settlement to address claims from those affected, while denying any liability or wrongdoing.

How many accounts were compromised?

The breach impacted data related to approximately 638,000 individuals.

What data was leaked?

The data exposed in the breach included names, addresses, email addresses, dates of birth, Social Security numbers, driver's license numbers, passport numbers, financial account information, credit or debit card numbers, tax ID numbers, medical treatment or diagnosis information, insurance claims information, health insurance ID numbers, healthcare providers, medical record numbers, and account credentials.

How was Orrick hacked?

The breach at Orrick, Herrington & Sutcliffe occurred when hackers accessed sensitive personal and health data of over 637,000 individuals from a file share on the law firm's network. The exact method of infiltration remains unclear, as the available sources do not provide specific details on how the hackers gained access to the system.

Orrick's solution

In response to the hack, Orrick deployed additional security measures and tools with the guidance of third-party experts to strengthen the ongoing security of its network. The law firm expressed regret for the inconvenience caused by the breach and offered identity monitoring to the data breach victims. Although the exact method of infiltration remains unclear, Orrick has taken steps to enhance its security and prevent future incidents.

How do I know if I was affected?

Orrick has not explicitly mentioned reaching out to affected users in the provided information. However, if you believe you may have been affected by the breach, you can visit HaveIBeenPwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for any accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized transactions or changes immediately.

For more specific help and instructions related to Orrick's data breach, please contact Orrick's support directly.

Where can I go to learn more?

If you want to find more information on the Orrick data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

Orrick Data Breach: What & How It Happened?

Twingate Team

Jun 14, 2024

In March 2023, Orrick, Herrington & Sutcliffe, a law firm, faced a data breach impacting a large number of individuals. The exposed data included sensitive information. The firm has agreed to an $8 million settlement to address claims from those affected, while denying any liability or wrongdoing.

How many accounts were compromised?

The breach impacted data related to approximately 638,000 individuals.

What data was leaked?

The data exposed in the breach included names, addresses, email addresses, dates of birth, Social Security numbers, driver's license numbers, passport numbers, financial account information, credit or debit card numbers, tax ID numbers, medical treatment or diagnosis information, insurance claims information, health insurance ID numbers, healthcare providers, medical record numbers, and account credentials.

How was Orrick hacked?

The breach at Orrick, Herrington & Sutcliffe occurred when hackers accessed sensitive personal and health data of over 637,000 individuals from a file share on the law firm's network. The exact method of infiltration remains unclear, as the available sources do not provide specific details on how the hackers gained access to the system.

Orrick's solution

In response to the hack, Orrick deployed additional security measures and tools with the guidance of third-party experts to strengthen the ongoing security of its network. The law firm expressed regret for the inconvenience caused by the breach and offered identity monitoring to the data breach victims. Although the exact method of infiltration remains unclear, Orrick has taken steps to enhance its security and prevent future incidents.

How do I know if I was affected?

Orrick has not explicitly mentioned reaching out to affected users in the provided information. However, if you believe you may have been affected by the breach, you can visit HaveIBeenPwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for any accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized transactions or changes immediately.

For more specific help and instructions related to Orrick's data breach, please contact Orrick's support directly.

Where can I go to learn more?

If you want to find more information on the Orrick data breach, check out the following news articles: