In yet another blow to the privacy and security of abuse survivors, the Catholic Archdiocese of Baltimore has been struck by a cyber attack compromising sensitive data. According to WYPR, Stinson LLP, the law firm representing the bankruptcy case's Official Committee of Unsecured Creditors, confirmed that hackers breached their systems in February. However, the incident was not reported until June, as stated in court documents.
The law firm has now committed to providing quarterly updates and will alert the court and survivors if leaked information finds its way online. The significance of this breach is deepened by the fact that many victims had chosen to engage in legal actions anonymously due to the atrocities they experienced in their youth.
Previously in May, as revealed by Bishop-Accountability.org, the Berkeley Research Group (BRG), another advisor involved in the bankruptcy proceedings, was targeted by cyber criminals. "BRG believed it was important that the Incident Notices be filed simultaneously," Timothy Karcher, counsel for BRG, stated in a letter to the court.
This marked the second such incident targeting individuals connected to the abuse cases managed by the Archdiocese. BRG, which handles financial advice for numerous committees, including the one involved in this case, chose to settle with the hackers, acquiring a destruction log as proof that the stolen data was not disseminated publicly. The Archdiocese had previously filed for bankruptcy in fall 2023, shortly before Maryland's Child Victims Act came into effect, a timeline that affects as many as a thousand claimants with abuse dating back several decades.
