Legal tech firm Casepoint investigates breach as hackers claim theft

Casepoint, a U.S.-based legal (e-discovery) technology platform used by government agencies, corporations, and law firms, is investigating a potential cybersecurity incident. The investigation is initiated following claims by hackers that they compromised the platform and stole terabytes of sensitive data.

The ALPHV (BlackCat) ransomware gang, has taken responsibility for the attack and has listed the stolen data on its dark web leak site, claiming to have accessed sensitive information from Casepoint, including data from the U.S. government. Samples of the stolen data shared by BlacCat include sensitive health information, legal documents, government-issued IDs, and an internal document allegedly issued by the FBI.

Casepoint has activated incident response protocols and engaged an external forensic firm to investigate the incident. No details of the investigation are shared nor whether any communication such as a ransom demand, has been received from the ALPV ransomware group.

On top of the data breach and exposure if individuals, E-Discovery platforms hold  confidential and attorney-client privilege documents trusted to remain confidential and are parts of active litigations. If these documents got out, they are a fair game for theft of intellectual property and could cause a lot of legal issues and advantage to opposing counsel, cause mistrials, trigger new litigation as internal processes are exposed.

Casepoint states that they remain fully operational while conducting scans and deploying advanced endpoint detection monitoring tools to identify any signs of suspicious activity.