Gunster, Yoakley & Stewart is a commercial law firm with a century of tradition and experience in Florida courtrooms. They have 18 industry teams and employ over 280 attorneys and consultants. Despite Gunster’s impressive courtroom experience, in November 2022, they fell victim to an external data breach.
An unauthorized actor accessed Gunster’s document management file system before officials discovered the event. How the assailants made the attack possible is unclear. However, if the global MOVEit breach taught professionals anything, third-party software has more vulnerabilities than previously thought.
Gunster’s breach happened in late November 2022; they responded by isolating the threat and investigating the event. Gunster provided preliminary notices to some individuals impacted in April 2023, but they had not yet finished their investigations. Their reviews concluded around October 15th; after this, officials moved to send impact notifications. Officials sent subsequent notices around December 1st.
The public information surrounding Gunster’s breach does not indicate what groups may be impacted by the breach. Presumably, the attack mainly affected individuals or staffers of the company; if the breach included the data of mega-corporation owners, the breach would have made waves last year.
The breach filing published on the Maine Attorney General’s website indicates nothing about total impact numbers. Regardless of the limited public information, we suggest those who have a relationship with Gunster take action to protect their data. Start by securing and updating the exposed accounts, then invest in monitoring services.