Cyber Incident Victim: TrialWorks
Date:
Oct 2019
Location:
United States of America
Summary
A ransomware attack targeted TrialWorks, a practice management software provider, disrupting its platform for multiple days and preventing legal professionals from accessing critical case files. The incident caused significant operational challenges for affected law firms, with widespread customer frustration over prolonged system unavailability and insufficient communication regarding resolution timelines. Service restoration efforts remained ongoing beyond the initial outage period, though the company did not publicly confirm full recovery status during the immediate aftermath. Lawyers expressed concerns about the attack's impact on their workflows and questioned the platform's reliability following the security breach.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The ransomware attack targeting TrialWorks began on October 13, 2019, disrupting access to the company's case management software platform for a minimum of four consecutive days. Lawyers relying on the system reported being locked out of critical case files, with some confirming ongoing accessibility issues as late as October 17. The incident rendered approximately 2,500 law firms unable to retrieve their operational data through TrialWorks' services. Company executives did not publicly confirm the attack's resolution timeline during the initial outage period, despite multiple customer inquiries. Technical details regarding the ransomware variant or initial attack vector remained undisclosed by the company or corroborating sources.
Affected legal professionals utilized social media platforms to document operational paralysis, with Twitter complaints highlighting the absence of recovery timelines and inadequate communication from TrialWorks. Customer frustrations escalated due to the extended duration of inaccessibility to case management systems essential for daily legal operations. The company maintained scheduled participation in the Defense Research Institute's annual meeting starting October 15, though its engagement with customers regarding the cybersecurity incident remained unverified. No public statements from TrialWorks executives addressed containment measures, data recovery processes, or potential data compromise during the confirmed outage window. The disruption generated widespread customer dissatisfaction, with multiple law firms indicating intentions to migrate to alternative platforms upon service restoration.