DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Hiscox Hack Suit Advances as Warden Grier Loses Dismissal Bid

Posted on July 25, 2020 by Dissent

Julia Weng reports:

Hiscox Insurance Co. Inc. can move forward with claims against Warden Grier LLP, which lost a bid to dismiss allegations that fault the law firm’s handling of a hack that exposed the insurer’s data.

Read more on Bloomberg.

As reported on DataBreaches.net in 2018, thedarkoverlord (“TDO”) had started leaking what they claimed were hacked files related to 9/11.  Those files came from a law firm used by insurer Hiscox. Hiscox informed this site that they had learned of the breach in April 2018. Hiscox’s statement to this site at the time did not reveal that the unnamed law firm was hacked in December 2016.

But in March, 2020, Hiscox filed suit against the Missouri-based law firm, Worden Grier, LLP.  The lawsuit alleges, in part:

11. On or around December 2016, an international hacker organization known as “The Dark Overlord” (“Hackers”) gained unauthorized access to Warden Grier’s computer system containing all of the sensitive information, including PI, stored on Warden Grier’s servers (the “2016 Data Breach”).

12. On information and belief, Hiscox understands that Warden Grier contacted outside attorneys and the FBI to investigate the matter, but did not hire a forensic IT firm to investigate the 2016 Data Breach or, if it did, has refused to provide Hiscox with the findings of any such investigation.

13. Despite being aware of the 2016 Data Breach, Warden Grier actively concealed or otherwise did not notify Hiscox or Hiscox’s insureds—all of whom were Warden Grier’s clients—of the 2016 Data Breach.

Hiscox’s suit claims that they became aware of the breach on March 28, 2018, when some of the data appeared on the dark web. When they investigated by contacting Warden Grier, they first learned that Warden Grier had not only failed to inform them, but they allegedly had not retained any forensic investigators, and had not informed any of Hiscox’s clients.  According to the complaint, Warden Grier paid TDO ransom or other demand to protect its and its clients’ personal information from dissemination. And this may be one of those cases that law enforcement warns victims about — that even if you pay a threat actor ransom, they might still misuse your data.

The Hiscox lawsuit was of particular interest to this site because in December 2016, law enforcement in the U.K. had charged Nathan Wyatt with a number of crimes, including hacking an unnamed law firm and trying to extort it for 10,000 euros.  Wyatt had pleaded guilty to all charges and was sentenced to three years in prison in November, 2017. He served less than half of that sentence. To this day, it has still not been made public who that law firm was or whether it was related to the 9/11 scheme or not, but Wyatt had signed the ransom demand to that law firm as “The Dark Overlords.”  The unnamed law firm was subsequently described by the Crown Prosecution Services as being in North England, but it is still unknown by this site if they had any connection to the 9/11 scheme and files.

Hiscox  never responded to this site’s inquiries asking whether there was any connection between the Warden Grier hack and the Wyatt hack, but if the Warden Grier files were first spotted on the dark web in March, 2018, the sale/distribution of those papers likely could not have involved Wyatt, as he was in prison.

In any event, in dismissing Warden Grier’s motion to dismiss certain counts of the complaint, the court did not reveal any additional details of note about the hack itself or the sale of the files on the dark web. If anything, the case’s main thrust may be that if a law firm gets hacked, it had better be sure to notify all its clients and those whose personally identifiable information was compromised by cybercriminals.

 

Category: Business SectorHack

Post navigation

← Blackbaud believes your data is safe from further misuse. Do you?
University of Utah notifying patients after phishing attack →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.