NY AG Hits Law Firm With $200K Settlement in Health Breach

LockBit Attack Exploited Microsoft Exchange Flaw; Firm Also Paid a Ransom
A New York medical malpractice law firm will pay $200,000 and implement data security improvements to settle a HIPAA enforcement action by the state attorney general's office following a 2021 ransomware attack by LockBit. Law firm Heidell, Pittoni, Murphy & Bach paid the hackers $100,000 in 2021.

2021 ransomware action amp attack attorney attorney general breach data data security enforcement exchange exploited flaw general hackers health hipaa law lockbit medical microsoft microsoft exchange new york office paid pay ransomware ransomware attack security settlement state