Last updated 2 weeks ago
Auger & Auger, a North Carolina-based personal injury law firm, experienced unauthorized network access on February 17, 2026, with the intrusion lasting approximately 25 minutes. The firm notified affected individuals on March 30, 2026, offering one year of complimentary identity protection services through EPIC-Privacy D Solutions. The notification confirmed personal information was compromised during the incident.
The breach involved unauthorized access to the firm's network infrastructure, though the specific initial access vector remains undisclosed. The attack resulted in the exposure of personal information belonging to clients and potentially other individuals associated with the firm. The limited 25-minute intrusion window suggests either rapid detection or constrained attacker dwell time.
Auger & Auger has initiated breach notification procedures under North Carolina state regulations, with affected individuals receiving direct notification letters. The firm faces potential litigation related to the incident, though no specific regulatory actions or class action details are confirmed at this time.
Unauthorized access to network
This breach demonstrates that even brief unauthorized access windows—here just 25 minutes—can trigger significant legal and notification obligations for law firms handling sensitive client data. The incident highlights the need for real-time network monitoring and rapid incident response capabilities in professional services industries, where client confidentiality is paramount. The firm's immediate offering of identity protection services reflects the standard remediation approach for personal information exposure, though the specific data types compromised remain unspecified.
Sign in to join the discussion.
Company
Industry
Location
Discovered
Disclosed
Records Affected
Attack Vector