Cyber Incident Victim: Wisner Baum
Date:
Jan 2025
Location:
United States of America
Summary
A Los Angeles plaintiffs’ law firm faced two class actions following a data breach compromising sensitive client information including Social Security numbers, bank account details, and medical records. The incident stemmed from a cyberattack on firewall provider SonicWall, which notified the firm shortly after being hacked. Legal actions were initiated by Wucetich & Korovilas and Cole & Van Note in federal court.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 0 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In October 2025, firewall software provider SonicWall suffered a cyber-attack disclosed to its client Wisner Baum on October 9—one day after SonicWall’s October 8 breach. The Los Angeles-based plaintiffs’ law firm subsequently identified unauthorized access to its systems through this third-party compromise. On January 23, 2026, Wisner Baum formally notified affected individuals and regulatory authorities, including the attorneys general of California and Vermont, confirming the exposure of sensitive client data. Compromised information included Social Security numbers, bank account details, and medical records. Within one week of this disclosure, two class action lawsuits were filed against the firm in U.S. District Court: the first on Friday, January 27, and the second on Monday, January 30, 2026. Law firms Wucetich & Korovilas and Cole & Van Note initiated the litigation, alleging failures in data protection. Wisner Baum Managing Partner R. Brent Wisner publicly attributed the incident to the SonicWall supply-chain attack but did not specify the duration of unauthorized access or the exact number of affected individuals.
The breach triggered multi-state regulatory scrutiny through mandatory attorney general notifications in Vermont and California, jurisdictions with stringent data breach reporting laws. Exfiltrated financial and medical records created elevated risks of identity theft and fraud for impacted clients. Legal consequences materialized rapidly, with both class actions seeking damages for alleged negligence in safeguarding personal information. The firm’s public statements focused on attributing causality to SonicWall’s security failure rather than detailing internal containment measures or forensic findings. No ransomware payments, data restoration efforts, or threat actor attributions were disclosed in available reports. The lawsuits marked the primary documented operational impact, alongside reputational exposure from litigation alleging inadequate cybersecurity controls during a period of heightened industry focus on law firm data vulnerabilities.