The action is related to a 2021 ransomware attack on legal firm Heidell, Pittoni, Murphy & Bach (HPMB) that exploited months-old Microsoft Exchange vulnerabilities compromised the private data of nearly 115,000 hospital patients, including names, dates of birth, social security numbers, and health information.
Article Link: Law firm pays $200,000 over “poor data security” that led to Microsoft Exchange attack | SC Media