Alaina Lancaster reports:
More than 60,000 additional confidential attorney discipline records were exposed in a data breach of the State Bar of California’s case management system, according to an ongoing investigation.
The bar’s IT incident response team and a third-party forensic firm calculated that more than 322,525 confidential records were available during the leak, compared to the about 260,000 records the bar originally reported as compromised.
On Feb. 26, the bar announced that a third-party website, judyrecords.com, had posted the confidential records, as well another 60,000 state bar court filings, in security exposure from Oct. 15, 2021 to Feb. 26. Bar representatives had said they contacted law enforcement to report the “unlawful” display of nonpublic data, but later reported the breach stemmed from a security vulnerability in its Tyler Technologies Odyssey case management portal.
Read more at The Recorder.
Some of the harvested and exposed records contained references to substance abuse or mental health issues.
The vulnerability in the Tyler Technologies Odyssey case management portal also impacted other Tyler Technologies clients using that same vulnerable installation of the management portal.