CTS, a UK-based provider of managed IT services for law firms and the professional services industry, is facing a cybersecurity incident that is causing significant disruption across the legal sector.
In a statement on its website, the Cheshire-headquartered CTS confirmed it’s experiencing a “service outage” due to an unspecified cyber incident. The company didn’t share further details about the incident, such as the number of impacted customers or whether any sensitive data had been accessed, and hasn’t posted any updates since Friday.
According to industry publication Today’s Conveyancer, close to 80 law firms are believed to have been affected by the cyberattack, leaving them unable to access their case files since last Wednesday. Reports on social media suggest that the incident has also disrupted house sales and purchases across the UK, leading to unexpected accommodation and storage costs, as well as soon-to-expire mortgage offers.
CTS spokesperson Natalie Kissack declined to answer TechCrunch’s questions when reached for comment on Monday.
Rashana Vigerstaff, a spokesperson for the UK’s data protection watchdog, the Information Commissioner’s Office, told TechCrunch that CTS had notified the regulator of the incident. UK organizations are required to inform the ICO within 72 hours of discovering a data breach of personal information.
Several firms that rely on CTS are reporting ongoing disruption due to the cyberattack.
Law firm Taylor Rose MW stated that its “operations are currently impacted” as a result of the CTS cyberattack. “We apologize to our clients for the disruption. We are in close contact with the supplier and are expecting the issue to be resolved in the coming days,” said Ali Jubb, a representative for Taylor Rose MW, in an email to TechCrunch. “In the meantime, we are finding alternative solutions to deal with urgent client matters and keep clients informed.”
O’Neill Patient Solicitors, a law firm that features as a customer case study on CTS’ website, said in its own website notice: “Unfortunately we are experiencing some service disruption, due to an outage which is impacting a number of organisations across the legal sector.”
West Midlands-based Talbots Law said in a notice on its website that it was experiencing difficulties, “due to a technical outage affecting multiple organisations within the legal sector.”
CTS has yet to confirm the nature of the cyber incident or how it occurred but did not dispute claims by security experts that it may have been breached by hackers exploiting the CitrixBleed vulnerability, which US government officials warned was actively exploited by both nation-state hackers and cybercriminal gangs, including LockBit.
In a post on Mastodon, one security expert linked the breach to an exposed NetScaler appliance belonging to Sprout Technologies, a company that merged with CTS in 2020.
One Taylor Rose customer called Lindsay, who asked us to withhold her surname, told TechCrunch that she has experienced issues with her house sale due to the CTS hack. Lindsay said that she should have exchanged on November 22 but hasn’t done so, noting that Taylor Rose has said it is waiting for updates from CTS. Lindsay says her mortgage offer expires on November 30 and fears losing thousands and being unable to move if the process isn’t completed in time.
In its brief website statement, CTS said: “While we are confident that we will be able to restore services, we are unable to give a precise timeline for full restoration.”
Do you work at an organization or law firm affected by the CTS cyberattack? You can contact Carly Page securely on Signal at +441536 853968 or by email. You can also contact TechCrunch via SecureDrop.