We are notifying all current and past clients of MBC Law Professional Corp. (MBC Law), of a recent privacy breach that was detected on January 17, 2024.
MBC Law, through its IT contractor, discovered potential unauthorized access to our systems. We immediately closed our system and retained incident response services to assess and investigate the breach. Forensic investigative and security monitoring steps have been and continue to be engaged.
We are advised that one of our server drives had been likely accessed by illicit activities. While the extent of the data breach is unknown, and may never be known, it appears that our document management system, accounting, and online payment systems were not compromised.
Certain client work product, such as Microsoft Word, Excel and Adobe (.pdf) versions of court materials, including affidavits, motion records, pleadings, affidavits of documents, exhibits, personal identification, and correspondence (including solicitor client privilege communications) were inappropriately accessed, collected, and could be disclosed by those malicious actors who hacked into our network.
MBC Law continues to investigate how clients are affected. We have also re-built our server with backups and are in a new environment with further and additional safeguards.
Since there was malicious access to our systems, and we are a company you deal with, you may be at risk. We encourage you learn more about cyber fraud and cyber security by visiting the information posted by the Canadian Centre for Cyber Security.
Unfortunately, these incidents are becoming more and more common. We are grateful to our staff, our IT service providers, and our clients for their support.