Cyber Incident Victim: Wilson Elser Moskowitz Edelman & Dicker
Date: Feb 2020
Location: United States of America
Summary
A law firm experienced suspicious network activity, leading to the immediate shutdown of its systems as a precautionary measure. The firm enabled remote email access for attorneys while maintaining phone functionality and keeping offices operational, with no evidence of client data compromise identified during initial assessments. This incident occurred amid broader targeting of legal entities by cybercriminals using data exfiltration and extortion tactics, though the firm's specific intrusion vector and attacker affiliation remained unconfirmed in available reports.
Description
On or around February 10, 2020, Wilson Elser Moskowitz Edelman & Dicker detected suspicious activity on its network, prompting an immediate response to contain the cybersecurity incident. The firm took its network offline as a containment measure while investigating the nature and scope of the intrusion. During this disruption, lawyers maintained email access through a remote system, ensuring some continuity in communications. The firm confirmed its phone systems remained operational and all physical offices stayed open despite the network outage. In a public statement issued on February 10, Wilson Elser stated there was no evidence suggesting client data had been compromised at that stage of the investigation. The firm did not disclose technical details regarding the attack vector, duration of network exposure, or specific systems affected beyond the general network shutdown. No ransomware demands or threat actor claims regarding Wilson Elser were referenced in available reports.

The incident occurred amid heightened targeting of law firms by the Maze hacking group, which publicly claimed responsibility for breaching at least five other firms, including Baker Wotring, around the same timeframe. Maze employed a double-extortion model involving data exfiltration followed by ransom demands typically ranging from $1 million to $2 million, threatening to publish stolen materials such as client fee agreements and case diaries if the ransom went unpaid. While Baker Wotring suffered a confirmed "full dump" of its data by Maze, Wilson Elser's investigation outcomes regarding data exposure remained unspecified in initial disclosures. The firm's containment strategy prioritized operational continuity through alternative communication channels while forensic analysis continued. No subsequent updates regarding data compromise, ransom demands, or long-term operational impacts were documented in the immediate aftermath of the February 10 disclosure.
