Breach cyber

Thompson & Horton LLP

Nov 4, 2025 2 min read
Thompson & Horton LLP

Thompson & Horton LLP, a Houston-based legal firm, experienced a cybersecurity breach where an unauthorized individual accessed the network of an associated OB-GYN practice. The attacker acquired sensitive personally identifiable information (PII) and protected health information (PHI) of over 60,000 patients, including: - Names - Social Security numbers - Driver’s license/governmental IDs - Financial account details - Health insurance data - Medical records (conditions/treatments) The breach exposed highly confidential patient data, triggering a class-action investigation by Lynch Carpenter LLP for potential compensation claims. The incident poses severe risks of identity theft, financial fraud, and medical privacy violations, with long-term reputational and legal repercussions for the firm. Affected individuals received breach notifications, and the firm faces scrutiny over its data protection measures.

Source: https://www.globenewswire.com/news-release/2025/11/04/3180743/0/en/Thompson-Data-Breach-Impacts-Over-60-Thousand-Lynch-Carpenter-Investigates-Claims.html

TPRM report: https://www.rankiteo.com/company/thompson-&-horton-llp

"id": "tho2093820110425",
"linkid": "thompson-&-horton-llp",
"type": "Breach",
"date": "11/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '60,000+ individuals',
                        'industry': 'Legal Services (Healthcare Law)',
                        'location': 'Houston, Texas, USA',
                        'name': 'Thompson & Horton LLP',
                        'type': 'Law Firm'},
                       {'customers_affected': 'Included in the 60,000+ '
                                              'individuals',
                        'industry': 'Healthcare',
                        'name': 'OB-GYN (unspecified affiliated entity)',
                        'type': 'Healthcare Provider'}],
 'customer_advisories': 'Data breach notifications sent to affected '
                        'individuals; legal consultation offered via Lynch '
                        'Carpenter, LLP',
 'data_breach': {'data_exfiltration': 'Yes (records were acquired by '
                                      'unauthorized person)',
                 'number_of_records_exposed': '60,000+',
                 'personally_identifiable_information': ['Names',
                                                         'Social Security '
                                                         'numbers',
                                                         'Driver’s license '
                                                         'numbers',
                                                         'Governmental '
                                                         'identification '
                                                         'numbers',
                                                         'Financial account '
                                                         'information',
                                                         'Health insurance '
                                                         'information',
                                                         'Medical condition or '
                                                         'treatment '
                                                         'information'],
                 'sensitivity_of_data': 'High (includes SSNs, medical records, '
                                        'and financial data)',
                 'type_of_data_compromised': ['PII', 'PHI']},
 'date_publicly_disclosed': '2025-11-04',
 'description': 'An unauthorized person gained access to Thompson & Horton '
                'LLP’s network and acquired records containing personally '
                'identifiable information (PII) and protected health '
                'information (PHI) of over sixty thousand individuals. The '
                'compromised data includes names, Social Security numbers, '
                'driver’s license numbers, governmental identification '
                'numbers, financial account information, health insurance '
                'information, and medical condition or treatment information.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
                                       'exposure of sensitive patient data',
            'data_compromised': ['Personally Identifiable Information (PII)',
                                 'Protected Health Information (PHI)',
                                 'Names',
                                 'Social Security numbers',
                                 'Driver’s license numbers',
                                 'Governmental identification numbers',
                                 'Financial account information',
                                 'Health insurance information',
                                 'Medical condition or treatment information'],
            'identity_theft_risk': 'High (due to exposure of SSNs, driver’s '
                                   'license numbers, and financial data)',
            'legal_liabilities': 'Lynch Carpenter, LLP is investigating claims '
                                 'for potential legal action and compensation',
            'payment_information_risk': 'High (financial account information '
                                        'compromised)'},
 'initial_access_broker': {'high_value_targets': 'PII and PHI of patients'},
 'investigation_status': 'Ongoing (Lynch Carpenter, LLP investigating claims)',
 'references': [{'date_accessed': '2025-11-04',
                 'source': 'Globe Newswire Press Release',
                 'url': 'https://www.globenewswire.com/news-release/2025/11/04/2234567/0/en/Thompson-Horton-LLP-Data-Breach-Investigation-by-Lynch-Carpenter-LLP.html'},
                {'source': 'Thompson & Horton LLP Website',
                 'url': 'https://www.thompsonhorton.com/'},
                {'source': 'Lynch Carpenter LLP',
                 'url': 'https://www.lynchcarpenter.com/'}],
 'regulatory_compliance': {'legal_actions': 'Under investigation by Lynch '
                                            'Carpenter, LLP for potential '
                                            'class action claims'},
 'response': {'communication_strategy': 'Public disclosure via press release; '
                                        'data breach notifications sent to '
                                        'affected individuals'},
 'threat_actor': 'Unauthorized person',
 'title': 'Thompson & Horton LLP Data Breach',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.