New Ransomware Attack Impacting CaseManagerPro Customers

In 2019 we wrote about a Ransomware attack that targeted two case management software companies: Needles and TrialWorks. According to quite a few firms we spoke with at the time, they lost access to both their client documents and case information. According to an article published in The Miami Herald, at least one law firm was “forced to request more time to meet a filing deadline in…federal court because it could not access its electronic documents”.[1] It took several weeks before the affected firms regained access to all of their client and firm data.

SmartAdvocate has learned that another case management system, CaseManagerPro, has also recently been hit by a Ransomware attack. Although the system’s owner, Lucid IQ, has apparently managed to keep the attack out of the news for now, according to several of their customers we have spoken with, all of their firms’ data was deleted and all of their backups are gone as well. As of now, unless Lucid IQ agrees to pay the ransom, it appears that these firms may have to find a way to recreate their critical case and firm information without any backup data.

Ransomware is defined as “malware planted illegally in a computer or mobile device that disables its operation or access to its data until the owner or operator pays to regain control or access”.[2]

Imagine if your law firm was without access to crucial client and firm data and documents for weeks or even longer!  Worse yet, how could you recover from the total and irretrievable loss of your critical case and firm information? Consider too the potential breaches of attorney–client confidentiality that could result from third-party access to your data!

We don’t yet know the impact that this most recent attack will have upon firms using CaseManagerPro, but in the 2019 attack against Needles and TrialWorks, in addition to being unable to access their critical data, some customers found it difficult to obtain details about the outage, claiming that “request[s] for information [fell] on deaf ears….”1

At the time, SmartAdvocate Chief Technology Officer Igor Selizhuk applauded the efforts by Needles and TrialWorks to resolve the outage quickly and thus provide their customers with access to their critical data.  Regarding the current incident, he has stated, “I hope and expect that CaseManagerPro will take all appropriate steps to resolve the issue and regain its customers’ access to their data as quickly as possible. A better solution however”, said Selizhuk, “is to anticipate and prepare for such an eventuality in advance.”

The underlying technology upon which SmartAdvocate Cloud was built, makes the success of such a Ransomware attack extremely unlikely.  SmartAdvocate is a fully browser-based system and is only accessible via HTTPS.[3]  According to Selizhuk, SmartAdvocate Cloud does not run virtual workstations and does not provide its customers with direct access to its server file structure.  As a result, he says, this “virtually eliminates any possibility of our servers being infected by ransomware or other malware.”

In addition, should the unlikely occur and SmartAdvocate’s Cloud servers somehow were impacted by malware, a daily backup regimen and a long-term historical backup retention policy make it even less likely that an infection could impact customer access to their data for any extended period.

SmartAdvocate is a fully integrated, award-winning legal case management system made to handle the challenges of our technologically demanding world. The robust features enable firms to manage, store, track and communicate better, to achieve the highest level of success. Initially designed by and for personal injury and mass tort litigation firms, SmartAdvocate is now used by a wide range of practices throughout the United States and Canada.

[1] Miami Herald, ‘Ransomware incident’ in South Florida blocked some law firms from countless records, 10/25/2019.

[2] Dictionary definition of ‘ransomware’,

[3] “Hypertext transfer protocol secure (HTTPS) is the secure version of HTTP, which is the primary protocol used to send data between a web browser and a website. HTTPS is encrypted in order to increase security of data transfer. This is particularly important when users transmit sensitive data….” CloudFare, What is HTTPS?,

By: Harry Dreier, Training Specialist