In the February 11th news on LAW.COM, an article by Patrick Smith “Maze Hackers Publish Texas Law Firm’s Confidential Data” quoted Sensei’s CEO Michael Maschke.
Excerpt: Maze, the ransomware software and hacking group, has removed Texas law firm Baker Wotring from its “client” site, signaling that the 10-lawyer litigation firm may have opted to pay cybercriminals to halt publication of potentially sensitive data.
The firm was put on Maze’s public target list on Nov. 29 and had remained there until late last week. Baker Wotring did not respond to multiple requests for comment, though it previously acknowledged a breach.
Quotes and advice from Michael Maschke:
According to Callow and Michael Maschke, CEO of Virginia-based digital forensics firm Sensei Enterprises, many hacking victims will avoid disclosing breaches in order to sidestep the potential fallout from clients.
Maschke said that his firm advises clients not to pay the ransom, but added that Maze brings a new calculus into the ransomware game.
“Maze is one of the first that exfiltrates the data,” Maschke said. “Before, you had a 50/50 shot of getting the encryption key and freeing the data, but now that they are taking the data offsite, there are more concerns.”
Maschke said that he couldn’t think of any reason Maze would have taken Baker Wotring’s name off its list unless it was paid to do it.