NY AG Hits Law Firm With $200K Settlement in Health Breach

ICYMI: LockBit Attack Exploited Microsoft Exchange Flaw; Firm Also Paid a Ransom
A New York medical malpractice law firm will pay $200,000 and implement data security improvements to settle a HIPAA enforcement action by the state attorney general’s office following a 2021 ransomware attack by LockBit. Law firm Heidell, Pittoni, Murphy & Bach paid the hackers $100,000 in 2021.