Hannis T. Bourgeois, LLP

On January 31, 2021, Hannis T. Bourgeois, LLP experienced a data breach due to external system hacking, as reported by the Maine Office of the Attorney General on August 12, 2021. The incident compromised sensitive personal and financial information of 18,147 individuals, including 8 Maine residents. The exposed data included names, dates of birth, driver’s license numbers, Social Security Numbers (SSNs), and financial account numbers, among other details. The breach posed a severe risk of identity theft, financial fraud, and long-term reputational damage to the affected individuals. Given the nature of the stolen data—particularly SSNs and financial records—the potential for malicious exploitation (e.g., loan fraud, tax fraud, or unauthorized account access) remains high. The firm’s failure to prevent the intrusion also raises concerns about its cybersecurity posture, potentially eroding client trust and inviting regulatory scrutiny. While the article does not specify ransomware involvement, the scale and sensitivity of the leaked data suggest a targeted cyber attack with significant operational and legal repercussions for the company. The breach underscores the critical need for robust data protection measures in professional services firms handling confidential client information.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/8feee276-51da-42bb-9e24-2a541b0c931a.shtml

TPRM report: https://www.rankiteo.com/company/hannis-t--bourgeois-llp

"id": "han1058090625",
"linkid": "hannis-t--bourgeois-llp",
"type": "Cyber Attack",
"date": "1/2021",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 18147,
                        'industry': 'Legal Services',
                        'name': 'Hannis T. Bourgeois, LLP',
                        'type': 'Law Firm'}],
 'attack_vector': 'External System Hacking',
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': 18147,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)',
                                              'Financial Data']},
 'date_publicly_disclosed': '2021-08-12',
 'description': 'The Maine Office of the Attorney General reported a data '
                'breach involving Hannis T. Bourgeois, LLP. The breach '
                'occurred on January 31, 2021, involved external system '
                'hacking, and affected 18,147 individuals, including 8 Maine '
                'residents. The compromised information included names, dates '
                'of birth, driver’s license numbers, Social Security Numbers, '
                'financial account numbers, and more.',
 'impact': {'data_compromised': ['Names',
                                 'Dates of Birth',
                                 'Driver’s License Numbers',
                                 'Social Security Numbers',
                                 'Financial Account Numbers'],
            'identity_theft_risk': 'High',
            'payment_information_risk': 'High'},
 'references': [{'date_accessed': '2021-08-12',
                 'source': 'Maine Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': [{'authority': 'Maine '
                                                                      'Office '
                                                                      'of the '
                                                                      'Attorney '
                                                                      'General',
                                                         'date': '2021-08-12'}]},
 'title': 'Data Breach at Hannis T. Bourgeois, LLP',
 'type': 'Data Breach'}