Simple Human Error Leads to Major Blank Rome Data Breach

personal data lawfuel

Blank Rome is facing proposed class actions after a cyberattack of what appears to be a brazen and blatant ‘attack’, exposed sensitive personal information belonging to more than 57,000 current and former clients, highlighting how a simple human mistake can trigger major legal consequences.

According to the firm’s own account, the breach occurred when a cybercriminal posing as a member of Blank Rome’s IT team persuaded an attorney to upload confidential files to an external file-sharing website.

The firm says its network itself was not compromised, but the incident exposed sensitive client information through a classic social engineering attack.

The lawsuits, filed in federal court, allege Blank Rome failed to implement reasonable safeguards to protect confidential information and did not adequately protect those whose personal data was exposed. Plaintiffs claim they now face an increased risk of identity theft, fraud and financial harm.

Blank Rome has notified affected individuals and says the compromised information may include names, Social Security numbers, financial account details, government identification numbers and certain medical information, depending on the individual.

The case is another warning that even firms with sophisticated cybersecurity programmes remain vulnerable to one of the oldest tricks in the hacker’s playbook: persuading someone to click or upload something they should not.

The allegations remain unproven, and Blank Rome intends to vigorously defend the claims.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to Top