A cyber-attack has shut down part of Massachusetts' public defender agency—leaving thousands of attorneys unable to access their own network for weeks. The shutdown is causing a domino effect as some cases are not making it to courts.
Since Feb. 28, a shutdown of the Committee for Public Counsel Services (CPCS) system includes email, delayed hearings and attorneys not paid who represent defendants. The group provides attorneys for those unable to afford one, including cases involving children within the Department of Children and Families.
An email to attorneys obtained by the NBC10 Boston Investigators describes the hack as two-tiered: A Trojan attack and then ransomware where hackers demand money to restore data.
Cindy Hewitt, general counsel with CPCS said she didn't know how much ransom money was demanded but confirms they refused to pay the hackers. She says they refused because they had back-up systems in place to eventually restore the data and says paying could leave CPCS open to further attacks.
The system hacked contains information on cases and clients but is also how the attorney's bill and get paid so it includes their social security numbers, dates of birth, and bank account information.
Hewitt said they have hired outside forensic consultants to investigate and tighten security. She says there is "no lost data and nothing compromised or extracted" as of now.
The case has been referred to the Massachusetts attorney general's office who said in a statement: "Our office is aware of this and we are reaching out to gather more information."
Calls were not returned requesting the exact number of court cases that have been delayed due to the hacking.