Marshall & Melhorn, LLC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Marshall & Melhorn, LLC, a full-service law firm based in Toledo, Ohio, experienced a significant data breach that was first identified following a computer network outage on September 14, 2021. The firm initiated an investigation and discovered that an unauthorized party had gained access to their network between August 20, 2021, and September 14, 2021. Although the specific files accessed could not be determined, the firm reviewed all potentially involved files and completed this process by May 19, 2023[2].

The data breach compromised sensitive information, including names, addresses, Social Security numbers, financial account information, driver’s licenses and state identification information, passport information, medical information, and health insurance information. The breach potentially affected up to 27,271 individuals[1][7].

Marshall & Melhorn began notifying the affected individuals by sending out data breach letters on June 7, 2023. The firm has taken steps to enhance its cybersecurity measures in response to the breach, although it did not appear to offer credit monitoring services to the affected individuals[2].

Legal actions have been initiated in response to the breach. A federal judge allowed the consolidation of proposed class actions by two former clients of the firm, alleging that Marshall & Melhorn failed to secure their personal information[3]. Additionally, a class action lawsuit was filed against the firm in Ohio Northern District Court[5].

The firm has offices in Toledo, Findlay, and Perrysburg, employs more than 81 people, and generates approximately $17 million in annual revenue. It handles various types of cases, including construction law, automotive law, business law, education law, real estate law, and labor law[1].

Citations:

  1. https://www.jdsupra.com/legalnews/marshall-melhorn-llc-notifies-over-27k-2079887/
  2. https://www.hipaajournal.com/cyberattackprecision-imaging-centers-marshall-melhorn-atrium-health-wake-forest-baptist/
  3. https://www.law360.com/pulse/articles/1702215/ohio-judge-combines-marshall-melhorn-data-breach-suits
  4. https://www.marshall-melhorn.com/Professionals/Henry-Geha-III
  5. https://www.law.com/radar/card/thiel-v-marshall–melhorn-llc-49296518-0/
  6. https://www.marshall-melhorn.com/Professionals/Brittney-Shreffler
  7. https://www.myinjuryattorney.com/marshall-melhorn-llc-data-breach-investigation/
  8. https://www.marshall-melhorn.com/Professionals/Drew-Nitschke
  9. https://www.msdlegal.com/blog/2023/06/marshall-melhorn-data-breach-class-action-investigation/
  10. https://marshall-melhorn.com/Professionals/Craig-Burns
  11. https://www.law360.com/articles/1688470/ohio-law-firm-faces-class-claims-over-2021-data-breach
  12. https://www.marshall-melhorn.com/Professionals/Benjamin-Sutter
  13. https://www.mass.gov/doc/assigned-data-breach-number-29755-marshall-melhorn-llc/download
  14. https://www.marshall-melhorn.com/Professionals/Benjamin-Heywood
  15. https://www.marshall-melhorn.com/portalresource/lookup/wosid/cp-base-4-4607/media.name=/33F8730-August%202018%20Client%20Memo.PDF
Breach Submission Date Jun 07, 2023
Converted Entity Name Marshall & Melhorn, LLC
Converted Entity Type Business Associate
State OH
Individuals Affected 9,412
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes