Mon. Apr 15th, 2024

Editor’s Note: This incredibly unfortunate and highly visible event in the eDiscovery ecosystem highlights a challenge faced by every law firm, corporation, and legal services provider, that being the protection and preservation of data privacy, systems security, and business continuity in the face of nefarious cybersecurity threats.

Update: The website presence of Epiq has returned as of mid-afternoon on Tuesday, March 3, 2020. (

Press Announcement from Epiq

Epiq Issues Statement on Unauthorized System Activity

Epiq, a global leader in the legal services industry, today [March 2, 2020] issued the following statement:

On February 29, we detected unauthorized activity on our systems, which has been confirmed as a ransomware attack. As part of our comprehensive response plan, we immediately took our systems offline globally to contain the threat and began working with a third-party forensic firm to conduct an independent investigation.

Our technical team is working closely with world-class third-party experts to address this matter, and bring our systems back online in a secure manner, as quickly as possible.

Federal law enforcement authorities have also been informed and are involved in the investigation.

As always, protecting client and employee information is a critical priority for the company. At this time there is no evidence of any unauthorized transfer or misuse or exfiltration of any data in our possession.

About Epiq

Epiq, a global leader in the legal services industry, takes on large-scale, increasingly complex tasks for corporate counsel, law firms, and business professionals with efficiency, clarity, and confidence. Clients rely on Epiq to streamline the administration of business operations, class action and mass tort, court reporting, eDiscovery, regulatory, compliance, restructuring, and bankruptcy matters. Epiq subject-matter experts and technologies create efficiency through expertise and deliver confidence to high-performing clients around the world.

Read the complete release at Epiq Issues Statement on Unauthorized System Activity

An article extract from Zach Whittaker of TechCrunch

Legal Services Giant Epiq Global Offline After Ransomware Attack

A source with knowledge of the incident but who was not authorized to speak to the media said the ransomware hit the organization’s entire fleet of computers across its 80 global offices. According to an internal communication sent to staff that was obtained by TechCrunch, the law services company said staff should “not go” to their local offices without managerial approval. Staff in offices were advised to avoid connecting any device to the network. The communication also said that staff should “turn off the Wi-Fi on your laptop before entering the parking lot of the building” in an effort to prevent the spread of the ransomware.

Many of the computers were running old versions of Windows, the source said. “Nothing is up to date,” the source said.

The source came forward because, in their words, “we were told not to tell clients anything until we are back in.”

Read the complete article at Legal Services Giant Epiq Global Offline After Ransomware Attack

An article extract from Artificial Lawyer

The Epiq Ransomware Attack – A Threat Analyst’s View

This site asked Canada-based threat analyst, Brett Callow, at security company Emsisoft, who has written extensively about attacks on the legal sector before, what he thought this attack meant.

Callow’s first point was that he believes it’s too early to be certain that client data hasn’t been compromised.

A source close to Epiq told this site that ‘no client data had been accessed’, while an official statement added that: ‘There is no evidence of any unauthorized transfer or misuse or exfiltration of any data in our possession.’

From Callow’s perspective saying this with absolute certainty so soon after the initial attack may not be possible.

‘Ransomware incidents should be regarded as data breaches from the get-go. Waiting for several weeks until a forensic analysis is complete gives the criminals too much time to work with any data that was exfiltrated,’ he said.

He explained to Artificial Lawyer that the situation can sometimes be like ‘someone walking into a burglarised home and saying: ‘I don’t think anything has been taken’.’

‘Working out what did or did not happen during a ransomware incident requires a full forensic investigation that can take several weeks,’ he added.

Read the complete article at The Epiq Ransomware Attack – A Threat Analyst’s View

An article extract from Frank Ready of Legaltech News

Epiq Global Takes Systems Offline Following Ransomware Attack

Visitors to Epiq Global’s website on Monday likely received the following message: “Our corporate web site is offline to perform maintenance.” The e-discovery and managed services company took its systems offline on Saturday after detecting “unauthorized activity” that a spokesperson has since confirmed as a ransomware attack. The outage was first reported by legal tech journalist Bob Ambrogi.

The timeline for bringing Epiq’s systems back online is still unclear—which could pose issues to customers with projects to complete.

Read the complete article at Epiq Global Takes Systems Offline Following Ransomware Attack

An article extract from Bob Ambrogi of LawSites

Epiq Global Down As Company Investigates Unauthorized Activity on Systems

Epiq Global, an international e-discovery and managed services company, has taken its systems offline globally after detecting unauthorized activity.

Epiq made the move on Saturday as part of its data security response plan and has brought on a third-party forensics firm to conduct an investigation.

Among the systems taken offline are Epiq’s instances of the Relativity e-discovery software, leaving customers unable to work on review projects they have underway.

Read the complete article at Epiq Global Down As Company Investigates Unauthorized Activity on Systems

Additional Reading

Source: ComplexDiscovery


Have a Request?

If you have information or offering requests that you would like to ask us about, please let us know, and we will make our response to you a priority.

ComplexDiscovery OÜ is a highly recognized digital publication focused on providing detailed insights into the fields of cybersecurity, information governance, and eDiscovery. Based in Estonia, a hub for digital innovation, ComplexDiscovery OÜ upholds rigorous standards in journalistic integrity, delivering nuanced analyses of global trends, technology advancements, and the eDiscovery sector. The publication expertly connects intricate legal technology issues with the broader narrative of international business and current events, offering its readership invaluable insights for informed decision-making.

For the latest in law, technology, and business, visit


Generative Artificial Intelligence and Large Language Model Use

ComplexDiscovery OÜ recognizes the value of GAI and LLM tools in streamlining content creation processes and enhancing the overall quality of its research, writing, and editing efforts. To this end, ComplexDiscovery OÜ regularly employs GAI tools, including ChatGPT, Claude, Midjourney, and DALL-E, to assist, augment, and accelerate the development and publication of both new and revised content in posts and pages published (initiated in late 2022).

ComplexDiscovery also provides a ChatGPT-powered AI article assistant for its users. This feature leverages LLM capabilities to generate relevant and valuable insights related to specific page and post content published on By offering this AI-driven service, ComplexDiscovery OÜ aims to create a more interactive and engaging experience for its users, while highlighting the importance of responsible and ethical use of GAI and LLM technologies.