Clark Patterson Lee Reports Data Breach Following “Encryption” Event | Console and Associates, PC
On August 15, 2022, Clark Patterson Lee (“CPL”) reported a data breach to the Vermont Attorney General’s Office after the company suffered what appears to be a ransomware attack. After confirming the breach and identifying all affected parties, Clark Patterson Lee began sending data breach letters to anyone whose information was leaked. CPL has not yet publicly disclosed what kind of data was compromised in the cyberattack; however, based on state data breach reporting requirements, the information is likely to include sensitive data types, such as social security numbers or financial account information.
If you have received a data breach notification, it is essential that you understand what is at risk and what you can do about it. To learn more about how to protect yourself from fraud or identity theft and what your legal options are following the Clark Patterson Lee data breach, please see our recent article on the subject. here.
What we know about the Clark Patterson Lee data breach
Information about the Clark Patterson Lee data breach comes from an official filing with the Vermont Attorney General’s office. According to the most recent information, on June 10, 2022, CPL detected a potential network security incident when certain files on the company’s network appeared to have been encrypted. In response, CPL contacted outside cybersecurity professionals to help with the company’s investigation.
CPL’s investigation revealed that an unauthorized person had accessed certain files on the company’s servers between the dates of June 9, 2022 and June 10, 2022. Additionally, CPL confirmed that some of the files accessed contained sensitive information belonging to certain individuals.
After discovering that sensitive consumer data was accessible to an unauthorized party, Clark Patterson Lee began the process of reviewing all affected files to determine what information was compromised and which consumers were impacted by the incident. CPL completed its review of records on July 28, 2022.
On August 15, 2022, Clark Patterson Lee sent data breach letters to everyone whose information was compromised as a result of the recent data security incident.
More on Clark Patterson Lee
Clark Patterson Lee is a multidisciplinary architecture, engineering, design and planning firm based in Latham, New York. In this sense, the company offers a range of services related to architecture, including interior design, civil engineering, transport architecture, building and structural engineering, landscape architecture, municipal services and planning. Clark Patterson Lee employs over 434 people and generates approximately $175 million in annual revenue.
Was the Clark Patterson Lee breach caused by a ransomware attack?
In the data breach letter that CPL sent to the victims of the recent data security incident, the company mentioned that it first detected a potential data security incident when it learned that the files of its network had been encrypted. Encryption is a process that encodes files, making them inaccessible to anyone without the encryption key (which is usually a password). Individuals and businesses encrypt files every day to protect sensitive data from unauthorized access. However, cybercriminals also use encryption when performing certain types of cyberattacks, typically ransomware attacks.
So, although CPL did not explicitly state that the incident was due to a ransomware attack, it is a good indication that it was.
A ransomware attack occurs when a hacker installs malicious software that encrypts files on a victim’s computer. When the victim of the attack reconnects to their computer, they see a message asking them to pay a ransom if they want to regain access to their computer. If the victim pays the ransom, the hackers decrypt the files. For the most part, hackers keep their word to decrypt files after a company pays a ransom, because if they don’t, companies would have no incentive to pay a ransom.
However, hackers have recently started adding an extra incentive by threatening to post the stolen data on the dark web if a company doesn’t pay the ransom. While the FBI advises businesses not to pay a ransom following a ransomware attack, businesses that fall victim to a ransomware attack are in a difficult position as many would prefer to discreetly pay a ransom to avoid news of the breach. become public.
However, businesses can and should take preventative measures to avoid becoming the target of a ransomware attack in the first place. For example, educating employees about the risks of phishing emails and developing state-of-the-art data security systems are two relatively simple things companies can do to prevent these attacks. Unfortunately, despite widespread awareness of the risks of ransomware attacks, many organizations do not devote adequate resources to preventing ransomware attacks.