CasePoint Suffers a Data Breach

Casepoint,a legal discovery technology service provider to the U.S. Securities and Exchange Commission, the Department of Agricultural and various courts, has suffered a data breach.

Casepoint said it’s investigating a data breach after the BlackCat ransomware group claimed to have hacked and obtained over 2 terabytes of data from Casepoint, including attorney files and “many other things that you have tried to hard to keep.” The group asked the company to “get in touch, or we’ll start posting your data on our blog soon.”

Casepoint has launched its incident response protocols the same day that BlackCat made its claim and engaged an external forensics firm to investigate what Casepoint calls a “potential incident.” and its services have not been disrupted.

The lack of disruption to services may indicate that ransomware was not involved in the attack and may have been a far more straightforward case of data theft not that it will mean much to Casepoint’s customers if their information has been stolen. It would not be surprising if it were a simple case of data theft, either.

Traditional ransomware groups, having originally shifted to “double tap” ransomware attacks where they encrypt files and steal data, have recently abandoned the encryption part as the extortion value proposition in 2023 is threatening to publish stolen data if a ransom is not paid.

BlackCat was previously in the news in April when it targeted retail point-of-sale and automatic teller machine technology company NCR Corp. The attack on NCR did involve ransomware, with NCR suffering a service outage as a result.