Law Firm Cybersecurity

GrayRobinson, P.A., a Florida-based law and lobbying firm, disclosed a cybersecurity breach affecting 65,113 individuals. Unauthorized actors accessed the firm's network between March 5 and March 24, 2025, potentially exposing names, Social Security numbers, dates of birth, driver's licenses, financial account information, and protected health information. The firm detected the intrusion on March 24, secured its systems, notified law enforcement, and engaged external cybersecurity experts. The forensic investigation concluded April 13, 2026. Notifications to affected individuals began April 24, 2026, with regulatory reports filed to state attorneys general including California and Maine. GrayRobinson offered complimentary Experian IdentityWorks credit monitoring and reported no evidence of actual misuse.

GrayRobinson, P.A., a Florida-based law firm, disclosed a data breach affecting 65,113 individuals between March 5 and March 24, 2025. Unauthorized actors accessed the firm's network during that period, potentially exposing names, Social Security numbers, and other sensitive personal information. The firm detected the intrusion on March 24, secured its systems, notified law enforcement, and retained third-party investigators. A forensic review completed in April 2026 confirmed the exposure, and GrayRobinson sent breach notices on April 24, 2026. The firm is offering two years of free identity monitoring through Experian. No evidence of actual misuse has emerged.