Elevate Services Breach - March 5, 2022

Elevate Services is a smart legal service provider to lawyers, paralegals, and other professionals in the legal industry. The company manages legal data, handles invoicing and subpoenas, and helps with contract management. This smart legal service provider has more than 1,000 employees and offers services to lawyers throughout the United States.

What Was the Breach?

It was impossible to determine which files and which exact bits of data were accessed, but all of the following pieces of information could have been exposed. 

• Date of Birth
• Medical Billing History
• Home Address
• Personal Injury Claim
• Medical History
• Employment Information
• Social Security Number
• Full Legal Name
• Social Security Number

How Did the Breach Occur?

The Elevate Services data breach occurred when an individual used a security vulnerability to gain entry into the company's file network. Once inside, the hacker encrypted confidential company files through ransomware and made them inaccessible to the provider. The hackers then demanded payment for access to the files once again.

When Did This Breach Occur?

The Elevate Services ransomware attack began on March 5 and persisted until March 15, 2022. During that time, select files were encrypted and inaccessible to the company.

Who Does the Breach Impact?

This data breach impacts legal professionals that rely on Elevate Services for their smart legal services, as well as their customers. If you rely on the services for your law practice you may be at risk of being exposed. Any of your clients may also have had their information exposed in this attack.

How Many Files Does the Breach Affect?

There was no way for the security experts investigating this breach to determine exactly which files were accessed and exposed in the attack. Thousands of individual files were available inside the file network, but only a small portion of those files are believed to have been accessed and used.