CTS, a UK-based provider of managed IT services for law firms and the professional services industry, is experiencing a cyber security incident that is causing ongoing widespread disruption across the legal sector.
In a statement on its website, Cheshire-based CTS has confirmed it is experiencing a “service disruption” as a result of an unspecified cyber incident. The company did not share further details about the incident, such as how many of its customers were affected or whether they had access to sensitive data, and has not released any updates since Friday.
While CTS refuses to share details about the incident, industry publication Today’s Conveyancer said nearly 80 law firms are believed to have been affected so far by the cyberattack, leaving the firms unable to access their records since last Wednesday. Reports on social media say the incident has also disrupted home sales and purchases across the UK, forcing customers to face unexpected accommodation and storage costs, as well as mortgage offers soon to expire.
CTS spokeswoman Natalie Kissack declined to respond to TechCrunch’s questions when reached for comment on Monday.
Rashana Vigerstaff, a spokeswoman for the UK Information Commissioner’s Office, told TechCrunch that CTS had notified the regulator about the incident. UK organizations are required to notify the ICO within 72 hours of discovering a data breach of personal information.
Several CTS-based companies report ongoing disruption due to the cyberattack.
Law firm Taylor Rose MW said its “business is currently being affected” as a result of the CTS cyberattack. “We apologize to our customers for the inconvenience. We are in close contact with the supplier and expect the issue to be resolved in the coming days,” said Ali Jubb, a spokesperson for Taylor Rose MW, in an email to TechCrunch. “In the meantime, we are finding alternatives to address urgent customer issues and keep customers informed.”
O’Neill Patient Solicitors, a law firm that is featured as a customer case study on the CTS websiteit said in its own announcement on the website: “Unfortunately we are experiencing some service disruption due to an outage affecting a number of organizations across the legal sector.”
West Midlands-based Talbots Law said in a statement on its website that it was experiencing difficulties, “due to a technical outage affecting many organizations within the legal sector”.
CTS has yet to confirm the nature of the cyber incident or how it was breached, but did not dispute claims by security experts that it may have been compromised by hackers exploiting the CitrixBleed vulnerability, which US government officials last year week warned that it was being actively exploited by both nation-state hackers and cybercriminal gangs, including LockBit.
In a post on Mastodon, a security expert linked the breach to an exposed NetScaler appliance is owned by Sprout Technologies, a company that merged with CTS in 2020.
A Taylor Rose client named Lindsay, who asked that we withhold her last name, told TechCrunch that she had trouble selling her home as a result of the CTS hack. Lindsay said she should have exchanged on Nov. 22 but didn’t, noting that Taylor Rose said she’s waiting for updates from CTS. Lindsay says her mortgage offer expires on November 30 and she fears she will lose thousands and be unable to move if the process is not completed in time.
In its brief statement on the website, CTS said: “While we are confident that we will be able to restore services, we are unable to give an exact timetable for full restoration.”
Do you work for an organization or law firm affected by the CTS cyberattack? Carly Page can be reached securely on Signal on +441536 853968 or by email. You can also contact TechCrunch via SecureDrop.
