Weibrecht Law experienced a data breach.
It happened after an employee posted an unencrypted USB stick containing a “client file” via the USPS (US Postal Service).
The office sent an unencrypted electronic copy ("thumb drive") of a client file via US Postal Service.
The envelope that the thumb drive was sent in was received by the recipient, damaged and without the thumb drive enclosed.
Weibrecht Law was told by a representative that this was a “common occurrence” and that there were “buckets of thumb drives”.
The representative did a “visual review” of the buckets but couldn’t see Weibrecht Law’s missing device.
They do not have reason to believe the information has been accessed by individuals intending to misuse it.
The investigation indicates that the thumb drive was destroyed in a post office mail processing machine.
Notification letters have been sent to each of the affected parties.
Source: https://www.doj.nh.gov/consumer/security-breaches/documents/weibrecht-law-20181009.pdf
"id": "WEI227291022",
"linkid": "weibrecht-law-office",
"type": "Breach",
"date": "10/2018",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"