Epiq Global Takes Systems Offline Following Ransomware Attack
E-discovery and managed services company Epiq Global announced on Monday that it had taken its systems offline after detecting "unauthorized access." A timeline for bringing the systems back online again is still unclear.
March 02, 2020 at 05:39 PM
3 minute read
This story has been updated with a statement Epiq released on Saturday.
Visitors to Epiq Global's website on Monday likely received the following message: "Our corporate web site is offline to perform maintenance." The e-discovery and managed services company took its systems offline on Saturday after detecting "unauthorized activity" that a spokesperson has since confirmed as a ransomware attack. The outage was first reported by legal tech journalist Bob Ambrogi.
"As part of our comprehensive response plan, we immediately took our systems offline globally to contain the threat and began working with a third-party forensic firm to conduct an independent investigation. Our technical team is working closely with world class third-party experts to address this matter and bring our systems back online in a secure manner as quickly as possible," read a statement Epiq released on Monday.
The statement also specified that there has been no evidence of unauthorized data transfers, misuse, or exfiltration. However, the timeline for bringing Epiq's systems back online is still unclear—which could pose issues to customers with projects to complete.
Shawn Gaines, VP of marketing at Relativity, confirmed that Epiq-hosted instances of Relativity, for example, were impacted by the outage. He also clarified that the issue isn't related specifically to Relativity Server or RelativityOne broadly. "We know Epiq is working diligently to address the outage, and we've been in touch if there's anything we can do to help," Gaines said.
On Monday evening, TechCrunch cited an anonymous source with knowledge of the incident who claimed that the ransomware hit Epiq's "entire fleet of computers across its 80 global offices." The site also referenced an internal Epiq communication it had obtained telling employees not to go to their local offices without managerial approval and to turn off the Wi-Fi on their laptops before entering the parking lot of the building to avoid spreading the ransomware. However, TechCrunch also noted that an Epiq spokesperson had declined to confirm the contents of the internal email the site obtained or disclose the amount of data or computers impacted during the attack.
To be sure, Epiq is not the first technology vendor present in the legal industry to face a cyber-incident. In October 2019, case management platform TrialWorks disclosed to clients that it had been affected by a ransomware incident. Earlier that year, the Photon Research Team at software provider Digital Shadows realized that configuration errors had rendered 2.3 billion files accessible online.
This story was update to reflect a Monday evening report from TechCrunch. Legaltech News will continue to update this story as more is known.
March 9 update: Epiq updated its original statement on Saturday to reveal that "Ruyk" ransomware protocol was used in the attack. The company also listed the specific business components that were impacted by the incident: Restructuring and Bankruptcy, Class Action and Mass Tort and Legal Solutions, which contains Epiq's e-discovery and document review services. The updated statement is located here.
Wednesday update: Epiq's website is now operational and Monday's statement has been added to the homepage. "Our technical team is working closely with world class third-party experts to address this matter, and bring our systems back online in a secure manner, as quickly as possible. At this time there is no evidence of any unauthorized access, transfer or misuse or exfiltration of any data in our possession. We will continue to provide timely updates until this situation is resolved," reads the statement in part.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllTrending Stories
- 1‘The Decision Will Help Others’: NJ Supreme Court Reverses Appellate Div. in OPRA Claim Over Body-Worn Camera Footage
- 2MoFo Associate Sees a Familiar Face During Her First Appellate Argument: Justice Breyer
- 3Antitrust in Trump 2.0: Expect Gap Filling from State Attorneys General
- 4People in the News—Jan. 22, 2025—Knox McLaughlin, Saxton & Stump
- 5How I Made Office Managing Partner: 'Be Open to Opportunities, Ready to Seize Them When They Arise,' Says Lara Shortz of Michelman & Robinson
Who Got The Work
J. Brugh Lower of Gibbons has entered an appearance for industrial equipment supplier Devco Corporation in a pending trademark infringement lawsuit. The suit, accusing the defendant of selling knock-off Graco products, was filed Dec. 18 in New Jersey District Court by Rivkin Radler on behalf of Graco Inc. and Graco Minnesota. The case, assigned to U.S. District Judge Zahid N. Quraishi, is 3:24-cv-11294, Graco Inc. et al v. Devco Corporation.
Who Got The Work
Rebecca Maller-Stein and Kent A. Yalowitz of Arnold & Porter Kaye Scholer have entered their appearances for Hanaco Venture Capital and its executives, Lior Prosor and David Frankel, in a pending securities lawsuit. The action, filed on Dec. 24 in New York Southern District Court by Zell, Aron & Co. on behalf of Goldeneye Advisors, accuses the defendants of negligently and fraudulently managing the plaintiff's $1 million investment. The case, assigned to U.S. District Judge Vernon S. Broderick, is 1:24-cv-09918, Goldeneye Advisors, LLC v. Hanaco Venture Capital, Ltd. et al.
Who Got The Work
Attorneys from A&O Shearman has stepped in as defense counsel for Toronto-Dominion Bank and other defendants in a pending securities class action. The suit, filed Dec. 11 in New York Southern District Court by Bleichmar Fonti & Auld, accuses the defendants of concealing the bank's 'pervasive' deficiencies in regards to its compliance with the Bank Secrecy Act and the quality of its anti-money laundering controls. The case, assigned to U.S. District Judge Arun Subramanian, is 1:24-cv-09445, Gonzalez v. The Toronto-Dominion Bank et al.
Who Got The Work
Crown Castle International, a Pennsylvania company providing shared communications infrastructure, has turned to Luke D. Wolf of Gordon Rees Scully Mansukhani to fend off a pending breach-of-contract lawsuit. The court action, filed Nov. 25 in Michigan Eastern District Court by Hooper Hathaway PC on behalf of The Town Residences LLC, accuses Crown Castle of failing to transfer approximately $30,000 in utility payments from T-Mobile in breach of a roof-top lease and assignment agreement. The case, assigned to U.S. District Judge Susan K. Declercq, is 2:24-cv-13131, The Town Residences LLC v. T-Mobile US, Inc. et al.
Who Got The Work
Wilfred P. Coronato and Daniel M. Schwartz of McCarter & English have stepped in as defense counsel to Electrolux Home Products Inc. in a pending product liability lawsuit. The court action, filed Nov. 26 in New York Eastern District Court by Poulos Lopiccolo PC and Nagel Rice LLP on behalf of David Stern, alleges that the defendant's refrigerators’ drawers and shelving repeatedly break and fall apart within months after purchase. The case, assigned to U.S. District Judge Joan M. Azrack, is 2:24-cv-08204, Stern v. Electrolux Home Products, Inc.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
