A data breach at a legal software provider has reportedly affected over 190 law firms, according to the organization that discovered it, TurgenSec. The beach was publicly disclosed on April 27, and TurgenSec reports that the identities of the ownr3 of the database and affected parties have become public knowledge. TurgenSec has released an update to the breach, which states that the metadata gathered from the database indicates that some information labeled as authentication data was more than 3 characters long. The group says that they have encouraged the owners to conduct forensics with an independent partner to verify the magnitude and risk of the breach.
TurgenSec has also urged Advanced to publicly address the breach and announce what they are doing to prevent another major data incident. The incident was discovered when TurgenSec security researchers found the database, which contained personal and sensitive information on the staff and clients of the company, open to the public. TurgenSec opened an investigation that concluded the misconfigured database likely belonged to Advanced Computer Software Group Limited.
Read More: Advanced Data Breach Disclosure Update