The integration of AI in legal research presents efficiency benefits but raises significant ethical concerns, highlighted in the case of Viola Russell v. Linda Burnell Mells. Inaccurate citations from AI led to sanctions for the attorney involved, emphasizing the need for legal professionals to thoroughly verify AI-generated outputs and uphold ethical standards.
In the rapidly evolving landscape of legal technology, the integration of artificial intelligence (AI) into legal research and documentation has become increasingly prevalent. While these advancements offer significant benefits such as increased efficiency and accessibility to legal resources, they also introduce a range of ethical challenges that legal professionals must navigate with caution. A recent case from the District Court of Appeal of Florida, Second District, underscores the critical importance of maintaining rigorous standards of accuracy and integrity when utilizing AI tools in legal practice.
The Case Overview
In the case of Viola Russell v. Linda Burnell Mells, an appeal was filed against the dismissal of a complaint which involved complex issues surrounding the care and estate of an aged individual. The appellant, Ms. Russell, challenged the procedural and substantive aspects of the trial court’s decision, which dismissed her complaint with prejudice and granted entitlement to attorney’s fees to the appellee, Ms. Mells.
Ethical Breach Highlighted
During the appellate process, a significant ethical concern was raised regarding the conduct of Ms. Mells’ counsel, specifically related to the use of AI in legal research. The appellate court discovered that the answer brief filed by Ms. Mells’ attorney contained inaccurate citations and misquotations of case law. Most notably, one of the cited cases, “Cade v. Roberts,” was found to be nonexistent—a clear fabrication likely generated by an AI tool used during the legal research process.
Court’s Response and Ruling
The appellate court treated this matter with the seriousness it warranted, emphasizing the duty of legal professionals to ensure the accuracy and validity of their citations. The court expressed its concern that reliance on AI without sufficient oversight could lead to the erosion of trust and integrity in legal proceedings. As a result, the attorney was referred to the Florida Bar for potential sanctions, highlighting the consequences of failing to meet the ethical standards expected in legal practice.
Key Takeaways for Legal Professionals
1. **Verify AI-Generated Outputs**: While AI can streamline the research process, it is imperative that all outputs generated by AI tools are thoroughly checked for accuracy and reliability. Legal professionals must verify each case citation and quotation to ensure they are correct and applicable.
2. **Understand the Tools**: Legal professionals should strive to understand the capabilities and limitations of the AI tools they use. This includes being aware of how these tools generate data and the potential for errors or “hallucinations” where the AI fabricates information.
3. **Ethical Obligations Remain Paramount**: The use of AI does not alter the fundamental ethical obligations of lawyers. Diligence, honesty, and accuracy are non-negotiable aspects of legal practice, irrespective of the tools employed.
4. **Continuing Education**: As AI becomes more integrated into legal practices, ongoing education and training on the ethical use of technology in law will be crucial. Legal professionals must stay informed about the latest developments and best practices related to AI.
5. **Institutional Guidelines**: Law firms and legal institutions should develop clear guidelines and training programs on the appropriate use of AI in legal research. This can help prevent misuse and ensure that all staff adhere to ethical standards.
Conclusion
The case of Viola Russell v. Linda Burnell Mells serves as a crucial reminder of the ethical challenges posed by the integration of AI in legal practices. As we continue to embrace technological advancements, it is essential that we maintain the integrity of legal processes and uphold the highest standards of professional conduct. The legal community must be proactive in managing these technologies to harness their benefits while mitigating risks and ensuring justice is served with the utmost reliability and accuracy.
In the legal case between Pursuit Credit Special Opportunity Fund and KrunchCash LLC, reliance on artificial intelligence (AI) for drafting legal documents has raised significant concerns. Errors found in Defendants’ submissions, such as misquotes and incoherent arguments, highlight the risks of using AI without proper oversight. This situation emphasizes the ethical duties of attorneys to ensure accuracy and suggests a need for stricter guidelines regarding AI in legal processes.
In a recent legal dispute between Pursuit Credit Special Opportunity Fund, L.P. (“Pursuit”) and KrunchCash LLC, along with its associated entities and Jeffrey Hackman (collectively, “Defendants”), an unusual yet increasingly pertinent issue has surfaced: the reliance on artificial intelligence (AI) in preparing legal documents. This scenario provides a stark illustration of the potential pitfalls of integrating AI technology into legal practices without sufficient oversight and rigor.
1. **Mismatched Responses and Statements**: The Defendants responded to paragraphs that did not exist in Pursuit’s original statement of material facts and misquoted or hallucinated statements purportedly from Pursuit’s submissions.
2. **Incoherent Argumentation**: There were instances where the roles of the plaintiff and defendants were confused, and the responses were often not aligned with the corresponding statements from Pursuit.
3. **Non-existent Evidence**: The Defendants cited evidence that simply did not exist, undermining the credibility of their legal arguments.
These errors not only compromise the integrity of the legal process but also potentially damage the Defendants’ position in the litigation. Such inaccuracies and hallucinations in legal documents can mislead the court and opposing parties, leading to unjust outcomes.
Pamela B. Ader, as executor of the estate of Richard H. Ader, Plaintiff, against Jason Ader, JS Property Holdings LLC, Defendants. Decided on October 1, 2025, Supreme Court, New York County
Justice Cohen’s October 1, 2025 Order for Sanctions Against Counsel
“The Court may award sanctions for frivolous conduct against a party and/or an attorney in its discretion where appropriate (22 NYCRR § 130-1.1). Moreover, Rule 3.3 of the New York Rules of Professional Conduct (“Conduct Before a Tribunal”) provides that a lawyer “shall not knowingly make a false statement of fact or law to a tribunal[.]” (NY ST RPC Rule 3.3). Finally, 22 NYCRR § 100.3(D)(2) provides that “[a] judge who receives information indicating a substantial likelihood that a lawyer has committed a substantial violation of the Rules of Professional Conduct (22 NYCRR Part 1200) shall take appropriate action.”
“Use of AI is not the problem per se. The problem arises when attorneys abdicate their responsibility to ensure their factual and legal representations to the Court—even if originally sourced from AI—are accurate. “The court relies on attorneys to do their jobs: advocate for their clients using law and facts—real law and real facts” (Enterprise v Shvo, NYSCEF 154 in Index No. 653221/2024 [Sup Ct, NY County, Dec. 24, 2024] [Masley, J.]). When attorneys fail to check their work—whether AI-generated or not—they prejudice their clients and do a disservice to the Court and the profession. In sum, counsel’s duty of candor to the Court cannot be delegated to a software program.”
“By now the risks and consequences of AI-hallucinated citations should be familiar (see e.g. Park v Kim, 91 F 4th 610, 615-16 [2d Cir 2024] [attorney referred to court’s grievance panel for disciplinary proceedings for submitting brief containing non-existent case citations generated by ChatGPT and case was dismissed]; Mata v Avianca, Inc., 678 F Supp 3d 443, 466 [SD NY 2023] [attorneys ordered to pay a penalty and to send copies of sanctions petition to client and each judge falsely identified as authors of fake opinions]; Enterprise v Shvo, supra [ordering attorney to reimburse movants for fees incurred in communications regarding improper AI use]; Matter of Samuel, 82 Misc 3d 616, 620 [Surr Ct, Kings County 2024] [affirmation brief struck from the record]). Moreover, courts have made clear that reliance on the research of others is not a valid excuse for presenting false citations (Johnson, 2025 WL 2086116, at *20 (citing cases)).”
“Here, Plaintiff seeks her attorney’s fees and costs and out-of-pocket expenses incurred by the delay in adjudicating her summary judgment motion as a sanction against Defendants for frivolous conduct. The Court finds that awarding Plaintiff her reasonable costs and attorney’s fees incurred in connection with the sanctions motion, together with such fees attributable to addressing Defendants’ unvetted AI citations and quotations in the summary judgment motion, is an appropriate monetary sanction against both Defendants and their counsel, jointly and severally.”
“In addition, in view of the reporting mandate of 22 NYCRR § 100.3(D)(2) and to deter such conduct going forward (see Johnson, 2025 WL 2086116, at *20), the Court directs Plaintiff’s counsel to submit a copy of this decision and order to the Grievance Committee for the Appellate Division, First Department and the New Jersey Office of Attorney Ethics, copying Defendants’ counsel and this Court on its transmittal letters. The Court will provide a copy of this decision and order to Judge Katz, who is presiding over a matrimonial matter in this Court in which Defendants’ counsel is representing Jason Ader (NYSCEF 169 at 23).”
“Therefore, it is”
“ORDERED that Plaintiff’s motion for sanctions pursuant to 22 NYCRR § 130-1.1 is GRANTED, such that Defendants and their counsel are jointly and severally liable to compensate Plaintiff for her reasonable costs and attorney’s fees incurred in connection with this [*4]motion, together with fees and costs attributable to addressing Defendants’ unvetted AI citations and quotations in the summary judgment motion; it is further”
“ORDERED that Plaintiff shall submit an application with supporting documentation for the fees awarded above within fourteen (14) days of the date of this order; Defendants and their counsel may submit opposition thereto within fourteen (14) days of Plaintiff’s application. Plaintiff shall notify the Court via letter filing on NYSCEF and by email when the application is complete and whether it is opposed or unopposed; and it is further”
“ORDERED that Plaintiff’s counsel promptly submit a copy of this decision and order to the Grievance Committee for the Appellate Division, First Department and the New Jersey Office of Attorney Ethics, copying defense counsel and this Court on its transmittal letters.”
“This constitutes the decision and order of the Court.” DATE 10/1/2025 JOEL M. COHEN, J.S.C.
AI in Legal Work: A Double-Edged Sword
The integration of AI into legal work offers promising benefits, such as increased efficiency and the ability to analyze large volumes of data quickly. However, the case at hand underscores the technology’s current limitations and risks. AI, particularly in its current form, lacks the nuanced understanding of legal principles and the strategic thinking required for legal argumentation. It can process and generate text based on patterns in data, but it does not comprehend context or the subtleties of legal reasoning.
Moreover, the use of AI can lead to a detachment of lawyers from their work. Relying on AI without thorough verification and oversight can result in errors going unnoticed until they potentially cause significant legal repercussions. This detachment not only diminishes the quality of legal practice but could also erode trust in legal proceedings.
Ethical and Procedural Implications
The situation also highlights the ethical considerations surrounding the use of AI in legal contexts. Lawyers are traditionally held to high standards of accuracy and diligence under legal and ethical frameworks. Delegating critical tasks to AI without adequate checks does not absolve lawyers from their responsibility to ensure the accuracy and appropriateness of their filings.
From a procedural standpoint, this case may prompt legal institutions to establish clearer guidelines and standards for AI use in legal processes. Ensuring that AI tools are used responsibly and do not undermine the fairness of legal proceedings is paramount.
Moving Forward: Caution and Regulation
As AI continues to evolve and integrate into various sectors, including law, it is crucial that this integration is approached with caution and guided by stringent standards. Legal professionals should be trained not only to use AI tools effectively but also to understand their limitations and risks. Regular audits and checks should be a mandatory part of using AI-generated content in legal filings to prevent errors and maintain the integrity of legal documents.
Ultimately, while AI represents a revolutionary tool in many fields, its use in law must be carefully managed to avoid compromising the quality and fairness of legal proceedings. The case of Pursuit vs. KrunchCash serves as a critical reminder of the need for balance between innovation and the traditional diligence required in the legal profession.
EMR Audit Trails: Importance in winning medical malpractice cases
When we consider the labyrinth of Electronic Health Records (EHRs), the concept of an audit trail might not strike us as immediately significant—until we delve into the realm of medical malpractice. Here, audit trails transcend their basic function to become pivotal elements in the quest for truth, often determining the course of justice in malpractice litigation.
An audit trail in the context of EHRs is essentially a digital breadcrumb trail. It meticulously logs every interaction with a patient’s health record. This includes not just the modifications made to the record, but also who accessed it and when. This might sound straightforward, but the implications are profound, particularly when the accuracy of medical records comes under scrutiny in a court of law.
Firstly, audit trails provide a precise timeline of patient care events. Imagine a scenario where the sequence of medical actions is disputed in a lawsuit. Here, the audit trail acts as a chronological witness to the events, lending clarity to the proceedings and often becoming a cornerstone of the legal argument.
Moreover, the integrity of health records is paramount. Audit trails ensure this integrity by logging every transaction and access—like a vigilant guard that keeps a watchful eye on the sanctity of medical data. This feature is crucial because it allows for the detection of any alterations or deletions to the records, which could suggest attempts to cover up errors. It’s a feature that brings both transparency and accountability to the digital records.
The data from audit trails can either corroborate or contradict the testimonies of healthcare providers. In legal contexts, where testimonies can vary wildly in their accounts, the objective, unchangeable log of an audit trail provides a baseline of facts that can affirm or challenge these subjective narratives.
Additionally, audit trails help to identify all healthcare professionals who interacted with the patient’s records. This can be especially useful in complex cases involving multiple caregivers, where pinpointing responsibility is key. The detailed logs of access and modifications can precisely attribute actions to specific individuals at specific times.
Beyond the basics of logging views and edits, audit trails also record system alerts and order sets. System alerts in audit trails can indicate automated medical responses triggered by certain data inputs, which can be crucial in understanding how and why certain decisions were made. Order sets documented within audit logs detail the specific care protocols that were prescribed, offering insights into the standard of care administered.
However, despite their utility, audit trails are complex beasts. They require expert analysis to be effectively understood and utilized in legal contexts. This complexity often necessitates the involvement of specialized Electronic Medical Record (EMR) data experts who can decipher the technical logs and translate them into comprehensible evidence for the courtroom. Audit trails commonly include the object identifier that the action refers to. Production of EMR often fails to clearly include the object identifier in the patient’s medical chart, sometimes requiring additional production requests of EMR that clearly label the object identifier of the care note, in basket message, order entered, lab results reviewed, and other health care provider documents created, edited, approved, printed or viewed.
In conclusion, the role of audit trails in electronic health records is multifaceted and indispensable. They not only foster transparency and accountability in patient care but also serve as vital tools in the adjudication of medical malpractice cases. By providing a clear, unalterable record of medical interactions, audit trails help ensure that justice can be appropriately served, influenced by concrete evidence rather than mere conjecture. Thus, in the intricate dance of legal proceedings, audit trails offer a step towards clarity and fairness, proving or disproving claims with the weight of digital truth.
Lee Neubecker is the President and CEO of Enigma Forensics, Inc., a Chicago and Fort Lauderdale based Computer Forensics and Cyber Investigation consultancy. Neubecker assists Fortune 500 clients, government agencies, and private organizations with cyber-related investigations involving theft of electronic data, authentication of digital evidence, electronic medical records, fraud, counterfeiting, and online identity unmasking.
During 2016 and 2017, Neubecker assisted the U.S. Federal Government in discovering important security compromises including, the compromise of NIST.gov wildcard certificate (boudicca.nist.gov) using deprecated encryption (December 2016), compromise of time.gov NIST time servers (December 2016), compromise of NIST NSRL Hash Set download page (December 2016) and leaked email usernames and passwords from U.S. Intelligence Agency email account credentials onto public sandbox websites such as pastebin.com. (December 2016 and January 2017). Neubecker has a track record of uncovering Cyber Data Breaches and has performed investigations on the State and Federal Government Agency levels.
Neubecker’s has performed extensive research pertaining to hardware based vulnerabilities and exploits including, Serial Peripheral Interface – chip stored malware that has been impacting individuals, companies and government agencies in the wild following the leak of
Prior to founding Forensicon, Inc., Mr. Neubecker founded BuzzBolt Media, a web development and Search Engine Optimization consultancy which later became Forensicon, Inc. Before moving to Chicago in 2000, Mr. Neubecker led the online communities’ product
development and programming initiatives for the Lycos Network, a pioneering Web media model that included three Top 10 Web sites and was one of the most visited hubs on the Internet during Neubecker’s tenure. Neubecker was responsible for creating, launching and managing chat, instant messaging, message boards, and online games across the Lycos network. In this role, Mr. Neubecker led the company’s response to legal inquiries from law enforcement personnel and personally oversaw complicated international investigations involving transcontinental Cyber attacks against company servers and users.
Before joining Lycos and graduating with an MBA focused in technology, Mr. Neubecker launched and successfully managed Innovative Consulting, Inc., an information technology consulting company. Mr. Neubecker’s company deployed network management, contact management, sales automation and ERP solutions to small and mid-tier organizations. Prior to Innovative Consulting, Neubecker held operations and finance analyst positions with Ford Motor Company and Comerica Bank. Mr. Neubecker has experience in securities valuation and accounting from his position at Comerica Bank, where he served as a Trust Fund finance analyst. While serving at Ford Motor Company as an intern, Neubecker was integral in automating important processes and bringing financial forecasting methodologies online, resulting in more timely and accurate quarterly financial forecasts.
Mr. Neubecker graduated magna cum laude from Babson College with a Masters of Business Administration, focusing on Technology. Mr. Neubecker also holds an undergraduate degree in Finance, magna cum laude, from Eastern Michigan University.
NOTABLE CASES OF RECORD AS A COMPUTER FORENSICS EXPERT WITNESS
LESEAN DOBY v. ZIDAN MANAGEMENT GROUP, INC.
IN THE UNITED STATES DISTRICT COURT FOR THE NORTHERN DISTRICT OF ILLINOIS EASTERN DIVISION
Case No. 1:23-cv-16602
Provided affidavit regarding the analysis of a biometric fingerprint lock in support of the defendant as it relates to the Illinois Biometric Information Protection Act.
JAQUAN SHORTER v. ADVOCATE HEALTH AND HOSPITALS ) CORPORATION, ET. AL.
IN THE CIRCUIT COURT OF COOK COUNTY, ILLINOIS
COUNTY DEPARTMENT, LAW DIVISION
Case No. 2023L012024
Filed affidavit regarding user authentication to the defendant’s Electronic Medical Record system and the origins of the logon activities when accessing the patient’s health provider’s EMR system.
EUGENE EVANS v. CORRECTHEALTH CLAYTON, LLC and PAMELA BLAHA, LPN
IN THE SUPERIOR COURT OF FULTON COUNTY STATE OF GEORGIA, Case No. 2023CV379078
Filed affidavit regarding electronic medical records.
MARVA BURNETTE v. RUSSELL P. NOCKELS, M.D., IGNACIO JUSUE-TORRES, M.D., and LOYOLA UNIVERSITY MEDICAL CENTER
IN THE CIRCUIT COURT OF COOK COUNTY, ILLINOIS COUNTY DEPARTMENT, LAW
DIVISION, Case No. 2023-L-000973
Filed affidavit regarding electronic medical records and audit trails.
CHRISTINE MCLAUGHLIN, CRYSTAL VANDERVEEN, JUSTIN LEMBKE, SCOTT HARDT, ET. AL. v. SELECT REHABILITATION LLC
UNITED STATES DISTRICT COURT FOR THE MIDDLE DISTRICT OF FLORIDA
JACKSONVILLE DIVISION
CLASS and COLLECTIVE ACTION Case No: 3:22-cv-00059-HES-MCR
Filed Declaration regarding the availability of EMR audit log records to show when staff were performing work.
CIRCUIT COURT OF COOK COUNTY, ILLINOIS, Case No. 2022-CV-00415
Provided affidavit detailing the lack of compliance with the courts’ order requiring handover of Robertson’s personal smartphone and computer for forensic preservation and analysis relating to a departed employee investigation and alleged electronic trade secret misappropriation.
DEVIN ESTIME v. SOUTHERN CALIFORNIA PERMANENTE MEDICAL GROUP
SUPERIOR COURT OF THE STATE OF CALIFORNIA COUNTY OF LOS ANGELES, Case No.: 22STCV06517
Filed affidavit regarding electronic medical records and audit trail productions.
Completed forensics analysis of iPhone, Macbook, and iPad of defendant in the case.
CONNIE & GARY ANDERSON v. PATIENT FIRST MARYLAND MEDICAL GROUP
IN THE CIRCUIT COURT FOR BALTIMORE COUNTY Case No. C-03-CV-21-001814
Provided affidavit related to EMR and audit trail logs.
PHOTOFAX, INC. v. JOSEPH BRADY CIRCUIT COURT OF KANE COUNTY, IL Case No. 21-CH-000167
Provided affidavit detailing the forensic examination of the PhotoFax issued laptop by the departed employee. Reported on the destruction of evidence and provided support for a motion to compel examination of the devices still used by Joseph Brady to look for sensitive company data and trade secrets.
JAMES ABRAHAM, successor Trustee of the JOHN A. ABRAHAM TRUST v. ELIZABETH CHAPMAN
IN THE CIRCUIT COURT OF COOK COUNTY, ILLINOIS COUNTY DEPARTMENT, MUNICIPAL DIVISION
Case No. 2020 M170426
Provided affidavit regarding the authenticity of alleged lease produced by the defendant relative to a forensic analysis of computing devices.
JOSEPH NICOLOSI ET. AL. v. STANDARD PARKING ET. AL.
CIRCUIT COURT OF COOK COUNTY, IL Case No. 20-L-007912.
Provided affidavit detailing EXIF photo metadata extracted from the Plaintiff’s production of alleged photos taken of damaged artwork and other effects. Identified photos that were edited after they were taken using Photoshop.
PATRICK T. MCKINNEY, BY AND THROUGH HIS LEGAL GUARDIAN, RONI S. MCKINNEY, AND RONI S. AND TIMOTHY C. MCKINNEY, INDIVIDUALLY AND AS THE PARENTS AND NATURAL GUARDIANS OF PATRICK T. MCKINNEY v. THE CLEVELAND CLINIC FOUNDATION AND THE CLEVELAND CLINIC HEALTH SYSTEM
COURT OF COMMON PLEAS OF CUYAHOGA COUNTY, OHIO Case No. CV-20-931-660.
Provided affidavit in support of a motion to compel for supervised on-site obtainment of the plaintiff’s full medical records. Involved Epic EMR software.
NIMISH SHAH, AS THE NATURAL SON OF PUSHPABEN C. SHAH, v. ST. LUKE’S EPISCOPAL PRESBYTERIAN HOSPITALS, D/B/A ST LUKE’S HOSPITAL, ET. AL. CIRCUIT COURT OF ST. LOUIS COUNTY, MISSOURI. Case No. 20SL-CC04023. Div. 8.
Signed an affidavit exhibiting deficiencies in Defense’s production and supporting a motion to compel for an on-site collection of the plaintiff’s medical records. Involved Cerner software.
MARC STRAUSS v. KATHLEEN VAN VALKENBURG, M.D. and SIGHT MEDICAL DOCTORS, P.L.L.C.
SUPREME COURT OF THE STATE OF NEW YORK, COUNTY OF NASSAU, Index No. 608054/2020.
Submitted an affidavit in support of a motion to compel for full medical records involving MyCare iMedicWare EMR software.
IN THE CIRCUIT COURT OF THE SEVENTH JUDICIAL CIRCUIT SANGAMON COUNTY, ILLINOIS, Case No. 2020-L-105
Provided affidavit related to EMR and audit trail logs.
RONI S. AND TIMOTHY C. MCKINNEY, v. THE CLEVELAND CLINIC FOUNDATION
IN THE COURT OF COMMON PLEAS CUYAHOGA COUNTY, OHIO
Case No.: CV-20-931660
Filed affidavit regarding electronic medical records.
AUSTIN ROBERTS v. IOWA HEALTH SYSTEM d/b/a UNITYPOINT HEALTH, TRINITY MEDICAL CENTER
IN THE CIRCUIT COURT OF THE FOURTEENTH JUDICIAL CIRCUIT ROCK ISLAND COUNTY, ILLINOIS, Case No. 2020 L 76
Filed affidavit regarding electronic medical records and audit trails.
SMART MORTGAGE CENTERS, INC. V BRIAN NOE, EILEEN PRUITT, AND NEXA MORTGAGE, LLC
IN THE CIRCUIT COURT OF WILL COUNTY, ILLINOIS TWELFTH JUDICIAL CIRCUIT Case No. 20 CH 292
Filed an affidavit regarding allegations of trade secret misappropriation.
PHILIPS NORTH AMERICA, LLC v. FITBIT, INC.
IN THE US DISTRICT COURT FOR THE DISTRICT OF MASSACHUSETTS
Case No.: 1:2019cv11586
Filed affidavit relating to forensic inspection of electronic data relative to allegations of trade secret misappropriation.
ROBERT WATSON and MARK SAULKA, v. RYAN TODD WEIHOFEN and POOL TECHNOLOGIES, LTD.,
IN THE CIRCUIT COURT OF COOK COUNTY ILLINOIS COUNTY DEPARTMENT, CHANCERY DIVISION, Case No. 2019 CH 12252
Filed affidavit regarding the expected cost to comply with a subpoena for production of electronic medical records.
LOUIS ARGIRIS v. PAUL V. FAHRENBACH, M.D., GI SOLUTIONS OF ILLINOIS LLC, ATHANASIOS D. DINIOTIS, M.D., TIESENGA SURGICAL ASSOCIATES, S.C. d/b/a SUBURBAN SURGERY CENTER INCORPORATED, JOSEPH Z. PUDLO, M.D., and JOSEPH Z. PUDLO, M.D., S.C.
COOK COUNTY CIRCUIT COURT, ILLINOIS, Case No. 2019 L 012187.
Provided affidavit in support of a motion to compel for the revision history of the plaintiff’s medical records. Consulted with counsel in serving subpoena to EMR system provider.
Involved Greenway Health’s EHR platform.
CHRISTOPHER JOHANSEN v. NOW MARKETING SERVICES INC. AND INTERCOVE, INC.
CIRCUIT COURT OF WILL COUNTY, IL, Case No. 19-L-989.
Provided affidavit relating to departed employee apparent deletion activities including access of emails post employee departure in support of a motion to compel forensic preservation and analysis of the departed employee’s personal electronic devices.
ROBERT WATSON AND MARK SAULKA v. RYAN TODD WEIHOFEN AND POOL TECHNOLOGIES, LTD.
CIRCUIT COURT OF COOK COUNTY, IL, Case No. 19-CH-12252.
Provided affidavit discussing the expected costs of a third party producing electronically stored information.
BYRON FOXIE, as legal guardian and parent of TIGE W. FOXIE, v. ANN & ROBERT H. LURIE CHILDREN’S HOSPITAL OF CHICAGO, and ALMOST HOME KIDS, and OTHER UNKNOWN PARTIES, JOHN DOES 1-10 and ROE CORPORATIONS 1-10 CIRCUIT COURT OF COOK COUNTY, ILLINOIS, Case No. 19 L 7430
Provided testimony in the form of three affidavits supporting a motion to compel during discovery due to deficiencies in EMR production. Involved Epic EMR software.
CIRCUIT COURT OF KANE COUNTY, ILLINOIS, Case No. 19-CH-000217.
Performed forensic imaging of departed employee devices. Assisted with the construction of an ESI protocol. Analyzed, signed an affidavit, and testified regarding alleged misappropriation of trade secrets.
BLACK ROCK TRUCK GROUP, INC. FKA NEW ENGLAND TRUCK SALES AND SERVICE, INC. v. HARRY TARASIEWICZ and JOSEPH TARASIEWICZ
UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF NEW YORK, Case No. 7:19-cv-2367
Performed preservation of evidence, search and production of ESI. Analysis regarding allegations of trade secret misappropriation. Provided testimony regarding fabrication of emails and destruction of evidence.
TERRI BROWN v. MOUNT SINAI MEDICAL CENTER OF FLORIDA, INC. ET. AL.
IN THE CIRCUIT COURT OF THE ELEVENTH JUDICIAL CIRCUIT IN AND FOR MIAMI-DADE COUNTY, FLORIDA
Case No. 2018-016560-CA-09
Filed affidavit regarding the inadequate production of Plaintiff’s electronic medical records.
JERAME ANDREWS, and THERESA ANDREWS v ANKLE AND FOOT CENTERS OF GEORGIA. ET. AL
IN THE STATE COURT OF GEORGIA FULTON COUNTY Case No. 18EV003536
Filed affidavit regarding the inadequate production of Plaintiff’s Electronic Medical Records.
UNITED STATES DEPARTMENT OF JUSTICE V. BUYANTOGTOKH DASHDELEG, PETITION FOR REMOVAL.
Executive Office for Immigration Review Chicago, Illinois, File No. A218-056-722
Filed affidavit regarding the authenticity of email transmitted.
PEOPLE OF THE STATE OF ILLINOIS v. CHRISTIAN DAIGRE
CIRCUIT COURT OF COOK COUNTY, ILLINOIS, Case No. 2018-cr-1626801
Provided affidavit regarding the lack of the original sources of data being preserved that would allow for authentication of SMS and MMS messages allegedly sent and received.
RILEY ANN BERGTHOLDT v. ADVOCATE HEALTH AND HOSPITAL CORP, ET. AL.
CIRCUIT COURT OF COOK COUNTY, ILLINOIS, Case No. 2018-L-8647
Provided affidavit detailing deficiencies with defendant’s production of Electronic Medical Records (hereafter “EMR”) produced from Allscripts and from EPIC.
ANDREA BROCK, MICHAEL BROCK, S.B. v. THE UNIVERSITY OF CHICAGO MEDICAL CENTER D/B/A COMER CHILDREN’S HOSPITAL
CIRCUIT COURT OF COOK COUNTY, IL, Case No. 18-L-1175.
Provided affidavit in support of a motion to compel production of the Patient’s complete EMR, including Defendant’s secure file storage system, “Sticky Notes”, “In Basket” messages, audit trail records and complete revision history of the EMR as stored in the EPIC Hospital Information System.
TERRI BROWN, an individual, and ALAN ROCK, her husband, v. MOUNT SINAI MEDICAL CENTER OF FLORIDA, INC. d/b/a MOUNT SINAI MEDICAL CENTER, a Florida Corporation; and WILLIAM F. BURKE III, M.D., an individual; and BRETT C. FUKUMA, M.D., an individual
CIRCUIT COURT OF MIAMI-DADE COUNTY, FLORIDA, Case No. 2018-016560-CA-09.
Filed two affidavits in support of a motion to compel for an on-site collection of plaintiff’s electronic medical records. Involved Epic EMR software and Synapse PACS.
THE FOREST PRESERVE DISTRICT OF COOK COUNTY V. ROYALTY PROPERTIES, LLC; CANNON SQUIRES PROPERTIES, LLC; MERIX PHARMACEUTICAL CORPORATION, RICHARD KIRK CANNON, MERYL SQUIRES-CANNON, MCGINLEY PARTNERS, LLC, AND ROYALTY FARMS, LLC CIRCUIT COURT OF COOK COUNTY, ILLINOIS, Case No. 18 L 315.
Provided in courtroom testimony on the significance of electronic file metadata as it relates to when documents were received and modified.
CIRCUIT COURT OF COOK COUNTY LAW DIVISION, Case No. 18 L 1096.
Provided in court testimony and testimony via affidavit to assist with eDiscovery protocol process and address allegations of spoliation, withholding of information and authenticity of email.
JORIE LP, KOPLIN AND CONTENT CURATION & DATA ASSET MANAGEMENT v. ROBERTS MCGIVNEY ZAGOTTA ET AL.
CIRCUIT COURT OF DUPAGE COUNTY, ILLINOIS, Case No. 17 L 728.
Provided in court testimony and testimony via affidavit involving issues of email authenticity, cell phone fabrication of evidence, and eDiscovery.
CIRCUIT COURT OF WILL COUNTY, ILLINOIS, Case No. 15 L 681.
Provided written affidavits regarding alleged software code misappropriation. Assisted counsel with seeking preservation of electronic data from third parties.
BORCHERS V. FRANCISCAN TERTIARY PROVINCE OF THE SACRED HEART, INC., ET. AL..
LORILLARD TOBACCO COMPANY v. CANSTAR (U.S.A.), INC. ET. AL.
NORTHERN DISTRICT COURT OF ILLINOIS, EASTERN DIVISION, Case No. 03-C-4769.
Performed forensic preservation and forensic analysis that resulted in identifying a counterfeiting syndicate. Located personal email accounts and offshore wiring accounts used to perpetrate the counterfeiting scheme. More than $5 million was awarded from Neubecker’s discovery of a counterfeit scheme.
Managed Engineering Development and data analysis activities across many disparate technologies, from legacy through more recent technologies and platforms including;
Mac OS X, Windows (Dos/3.1/NT/2000/XP/Vista/2008/2012/7/8/10), Windows Server NT, 2000, 2008, 2012 (Active Directory, Group Policy Management, Certificate Management), Bash, Busybox, Amiga, Commodore, CPM, TI 99/4a, Grub, Kali Linux, Linux, Raspbian OS, Solaris, VMware, Raspberry PI OS, & Unix
MS Office, SDR, Webx, WebTrends, Camtasia, Adobe Photoshop, MS Office, MS Project, MS Access, MS Excel, MS Powerpoint, MS Word, MS Visio, Peachtree, Quickbooks & Quicken
Created documentation and work ticketing system for tracking problems and improving service response HaystackID — Boston, MA (1/2018 – 3/2018)Chief Information Security Officer
Performed initial security assessment of organization
Prepared for GDPR compliance initiatives of organization
Outreach to potential clients
FORENSICON, a QDiscovery Company — Founder and consultant, Chicago, IL (2016 – 2017)
Identified opportunities to provide existing client base with services available from combined companies
Presented on the Telephone Consumer Protection Act regarding strategies towards mitigating lawsuits
FORENSICON, INC. — Chicago, IL (2000 – 2016)President & CEO
Conducted fraud examinations involving misappropriation of funds, trade secrets, tax evasion, money laundering, and other white collar related investigations
Supervised a team of forensics experts in providing complex litigation plaintiff and defense consulting
Appointed by the U.S District Court of the Northern District of Illinois to assist defense counsel in the trial against accused terrorist trial of Tahawwur Rana – The single count where my firm presented testimony, the defendant was found not guilty
Performed online investigative work to identify and assist law enforcement with the apprehension of the Boston Bombing perpetrators, Dzhokhar and Tamerlan Tsarnaev
Uncovered and reported the third known data breach of the Chicago Board of Elections voter database and election worker personal information
Supervised testifying experts on many cases of record to prepare technical experts for cross examination and rebuttal of their findings
Preserved electronic evidence for a range of clients using legally sanctioned protocols
Selected as preferred vendor by the Illinois Attorney Registration Disciplinary Commission – assisted with investigating various claims filed against licensed Illinois Attorneys
Developed Custom ERP System for evidence management, project management, time tracking and billing
Provided expert testimony to resolve disputes for various commercial, nonprofit, and governmental agency clients
Appeared several times as a computer forensics expert on WCIU TV Chicago Channel 26, First Business, NPR Business News, NBC Chicago and more
Led data breach first responder efforts for; State Government Social Services Department, Non-Profit HealthCare Organization, Financial Services Company, Accounting Firm, Private Membership Club Organization and various Corporations
Oversaw the development and presentations made to attorneys and legal support staff at the Chicago Bar Association, Illinois Attorney & Discipline Regulatory Commission, DuPage County Bar Association, various associations and more
Provided expert witness testimony regarding willful deletion of evidence by a departing employee where the testimony was upheld on appeal proving spoliation of evidence
Compiled emails from numerous platforms into popular litigation support platforms
Speaker at various events on the topic of computer forensics (see list below)
Performed computer forensics examinations in FBI forensics labs
Led the successful forensic analysis defense efforts against a law firm client of our firm that was accused of willful spoliation of evidence – discovered and reported our findings to Judge Mikva that no spoliation had occurred as alleged, the drive was merely encrypted and contained all information
Led numerous anonymous online defamation investigations resulting in the identification of many anonymous persons responsible for the defaming activities
Expert in Search Engine Optimization
LYCOS, INC. — Senior Product Development Manager, Community Products Group, Waltham, MA (1998 – 1999)
Managed and/or launched a large group of products including chat, message boards, and games
Responded to SEC/FBI Inquiries pertaining to illicit behavior in Lycos network online properties
Tracked hacker attacks on the Lycos network of sites to help identify and prosecute offenders
Implemented safeguards against denial-of-service attacks across product group
Instituted product development and service roadmap management system for teams
Created & managed multiple cross-functional product teams
Managed transition of products from external to internal hosting
Led engineering team on the development of scalable & secure online products
INNOVATIVE CONSULTING, INC. — President Brownstown, MI (1994 – 1997)
Led a company of five professionals providing IT support to various sized Companies
Provided Network support in a multi server environment (NT, Novell, Mac, Linux)
Implemented financial management software for tier 3 automotive suppliers
Designed & executed disaster recovery procedures for multiple businesses
Architected multi-office communication infrastructure for multiple companies
COMERICA BANK — Securities & Trust Fund Accountant, Detroit, MI (1994)
Audited security transactions for bank trust funds
Researched discrepancies in reporting
Published & verified daily yield rates of several portfolios of marketable securities
Initiated automation of trust fund daily reporting
FORD MOTOR COMPANY, INC. — Detroit, MI (1992 – 1994)Product Pricing Analyst
Estimated cost impact on production forecast for various product design changes
Benchmarked sourced products to ensure price competitiveness
Designed & implemented a profit forecasting system using Excel & EDI
PRESENTATIONS
“Keys to Unlocking Electronic Medical Records EMR”, MCLE Tuesday May 25, 2021 delivered via Zoom co-sponsored by the Illinois Public Defender Association, the Illinois Innocence Project, the Center for Integrity in Forensic Sciences, and the Family Justice Resource Center.
Illinois Public Pension Advisory Committee: Friday, December 2nd’s IPPAC Winter Conference “The Imminent Threat of Cyber Attacks to your Pension Boards” panel
National Society of Insurance Investigators: “Cellphones, Pictures, Videos . . . What a Cyber Forensic Investigation Can Reveal”, December 4th, 2014
The Disaster Conferences : “Cyber Threats and Data Breaches”, September 18th, 2014
First Chair Awards : “Data Breach & Incident Response: How to Mitigate Your Risk Exposure”, August 2014
Cigar Society of Chicago : “How to Catch a Terrorist”, September 2013
ICPAS Fraud Conference 2012: “What a Responsible Professional (CPA or Attorney)
Should Know about eDiscovery and Document Management”, September 2012
Law Bulletin E-Discovery Seminar: “Managing Scope & Review”, June 28th, 2011
NetSecure ‘11: IT Security and Forensics Conference and Expo: “Protecting Digital Assets from Hackers and Thieves”, March 24th, 2011
Chicago Association of Litigation Support Managers, CALSMposium: “Seventh Circuit Electronic Discovery Pilot Program”, October 7th, 2009
National Business Institute – “E-Discovery Searching the Virtual File Cabinets”:(co-presented with Christopher S. Griesmeyer, partner at Levenfeld Pearlstein, LLC and David W. Porteous, partner at Faegre Baker Daniels LLP) “Obtaining Electronic Data & Best Practices in using Computer Forensics”, September 19th, 2008
Law Bulletin E-Discovery Seminar — “Electronic Discovery in Practice”: (co-presented with Jennifer Wojciechowski of Kroll Ontrack) “Avoiding the Pitfalls of the Electronic Era”, October 2005
Institute of Internal Auditors, Chicago West Chapter Meeting: (co-presented with Cameron Nelson, attorney at Greenberg Traurig) “Using Computer Forensics To Conduct Investigations”, May 9th, 2006
Association of Certified Fraud Examiners Workshop: (co-presented with Kathryn Hoying, attorney at Johnson & Bell, Ltd.) “Using Computer Forensics to Conduct Investigations”, February 10, 2006
Chicago Law & Technology Conference: “Computer Forensic Update”, co-presented with Greenberg Traurig LLP Attorney Cameron Nelson, February 23, 2006
FagelHaber, LLC’s E-Discovery Conference: (co-presented with Richard Chapman, Gary Green, David Rownd and Robert Kamensky, attorneys at FagelHaber, LLC) “Avoiding the Pitfalls of the Electronic Era”, October, 2005
Chicago Bar Association, CLE Seminar: (co-presented with Kathryn Hoying, attorney at Johnson & Bell, Ltd.) — “Deliverables to Request From Your Computer Forensics Examiner”,2005
Chicago Economic Development Council: “Internal Fraud Investigations”, 2005
Law Bulletin Publishing Company E-Discovery Conference 2005: “Show me the Smoking Gun!”, 2005
American Law Firm Association’s International Client Seminar 2005: (co-presented with Joe Marconi, attorney at Johnson & Bell, Ltd and Donald Kaufman, attorney at McNees, Wallace & Nurick LLC) — “Discovery, Document Retention & eDiscovery in aPost-Enron/Andersen World”, 2005
Chicago Bar Association, CLE Seminar: (co-presented with William J. Cook of Wildman Harrold, Jeffrey L. Hartman of Competitive Advantage Solutions and Mark S. Simon of Eclipsecurity, LLC) “Computer Forensics For Lawyers”, May 6th, 2004
Chicago/Milwaukee Joint Midwest Law & Technology Conference 2004: “Finding the Smoking Guns: Legal Computer Forensics Without the Geekspeak”, November 30th, 2004
Chicago Bar Association, CLE Seminar: “Resolving Intellectual Property Theft with Computer Forensics”, October 20th, 2004
Chicago Bar Association, CLE Seminar: “Computer Forensics for Lawyers”, May 6th, 2004
Law Bulletin Publishing Company E-Discovery Conference: “Electronic Document Collection and Processing”, April 27th, 2004
LegalTech 2003, Chicago : “True Electronic Discovery”, October 30th, 2003
Chicago Bar Association (Law Office Technology Committee): “Electronic Discovery 101”, 2003
Illinois Academy of Criminology: “Electronic Discovery 101”, Circa 2003
Greater Chicago Chapter of the Association of Legal Administrators: “Electronic Discovery 101”, Circa 2003
Chicagoland Chamber of Commerce: “Web Page Programming For Search Engine Effectiveness”, Circa 2001
NORBIC: “Web Page Programming For Search Engine Effectiveness”, Circa 2001
On April 29th, the Raleigh Housing Authority fell victim to a cyber attack that shut down their computer system. The attack disrupted the agency’s ability to access their email, files, and financial records, leaving the organization struggling to conduct their day-to-day operations.
The RHA provides affordable housing for low-income individuals and families in the Raleigh area. The cyber attack has had a significant impact on the agency’s ability to fulfill its mission of providing safe and affordable housing. In the aftermath of the attack, the RHA has been forced to rely on manual processes to complete their work, causing delays in critical services for their clients.
Cyber attacks have become increasingly common in recent years, with hackers targeting organizations of all sizes and industries. These attacks can result in the loss of sensitive data, financial losses, and damage to a company’s reputation. In the case of the RHA, the attack has disrupted the lives of the low-income families who rely on their services.
To prevent cyber attacks, organizations must prioritize cyber security. This includes implementing strong password policies, regularly updating software and systems, and educating employees on how to recognize and report suspicious activity. Additionally, organizations should consider investing in cyber security insurance to mitigate the financial impact of an attack.
When a cyber attack does occur, it’s important to have a plan in place to respond quickly and effectively. This includes identifying and isolating affected systems, restoring data from backups, and conducting a thorough investigation to determine the cause of the attack and prevent future incidents.
In the case of the RHA, they have taken steps to restore their computer systems and minimize the impact of the attack. However, the incident serves as a reminder of the importance of cyber security and the devastating consequences that can result from a successful cyber attack.
In conclusion, the cyber attack on the Raleigh Housing Authority is a sobering reminder of the importance of cyber security for organizations of all types and sizes. By prioritizing cyber security, organizations can protect their data, their financial stability, and the well-being of their clients.
Informed consent prior to a procedure should be documented in the patients chart and visible on an audit trail.
by Dr. Aikaterina Assimacopoulos
Informed consent is a must prior to any elective procedure. After all risks, benefits and alternatives (r/b/a’s) are thoroughly explained consent can be given. An informed patient is one who understands the nature and purpose of the procedure as well as postoperative expectations of pain, recovery time, need for physical therapy, and any changes to physical appearance. Signed consent should be found in the patients EMR.
Informed Risk Assessment
Common surgical risks include the risk of infection, bleeding or damage to surrounding organs. If a minimally invasive approach is planned, the possibility to convert to an open procedure should be discussed. If the patient is to have an exploratory surgery, a risk is the possibility that nothing is found on exploration. In some cases, there is a potential the surgeon recognizes additional measures must be taken upon viewing the patient’s anatomy. In these cases, the surgeon is usually aware of this potential and should obtain consent and discuss r/b/a’s.
Doctor Washing Hands Before Operating. Hospital Concept.
The benefit or likelihood of a positive outcome should be clearly and realistically defined. The patient should be aware of any alternative options and their r/b/a’s. This includes both more conservative methods of treatment such as medications, physical therapy, or injections as well as any alternative surgical approaches that may vary in method or invasiveness. For example, a vaginal vs. abdominal approach to hysterectomy or LINX vs. Nissen fundoplication methods for gastroesophageal reflux.
Documented Consent
A signed consent form and statement should be uploaded in the chart. For example, “r/b/a’s discussed, patient expressed understanding, all questions asked and answered” should be documented in the chart. However, this does not necessarily mean the patient was properly informed. Often this statement is included as part of a provider’s template, without being consciously documented. Therefore, this raises the question of whether or not the conversation actually took place.
Because this discussion is verbal, it is difficult to use an audit trail to prove whether appropriate informed consent was obtained. However, an audit trail can be used to analyze other aspects of preoperative care which, if deficient, or incomplete, could support the notion informed consent was deficient as well.
What to look for in an audit trail
If surgical complications arose and the physician was concerned about the preoperative care provided, the physician could enter the patient chart after the fact and make additions to the patient’s chart. This is why it is necessary to get an audit trail that extends through the date the EMR is generated. Providers can alter a patients EMR at any time. These changes might not be visible on the EMR but will be on the audit trail.
In most cases, evidence of the following actions should exist in both the printed patient chart and the audit trail:
A clinic visit in which the patient’s need for surgery is assessed.
Any attempt to manage symptoms with more conservative first-line measures. For example, prescription orders or referrals to physical therapy or a pain specialist.
A diagnosis made prior to surgery and added to the patient’s problem list.
In some cases, evaluation of the patient’s personal risk due to any comorbid conditions is done using a ‘risk calculator’ and results should be documented.
A preoperative physical/assessment for higher risk patients.
A complete history and physical note (H&P) within the 30 days prior to surgery.
Procedure-specific labs and imaging which should be viewed by the surgeon prior to surgery.
As motor vehicle theft rates increase, criminals use of technology to open and start vehicles without breaking in may be accelerating the rate of theft.
Smash and grab is no longer required to open a motor vehicle and drive off.
Vehicle theft over the years has largely been on the decline. Technology has improved, therefore, Anti-Theft Systems have gotten more advanced. Beginning around 1983, keyless entry systems began appearing on American Motors vehicles. By the mid to late 2000s, many fobs enabling remote ignition start became more common place on higher end vehicles. However, as this technology advances, criminals are finding new ways to break through.
Security researchers first reported security vulnerabilities in motor vehicle fobs around 2016. This could allow an unauthorized person to unlock and even start a vehicle by intercepting radio frequency (“RF”) emissions from a driver’s fob. Once intercepted, the unauthorized party could use the intercepted signals to conduct a replay attack. As a result, a successful attack on these identified vulnerabilities can allow the unauthorized person to unlock and start a vehicle.
RF Relay Attack Reported in 2017
On November 28, 2017, Police in West Midlands, UK released video footage showing criminals stealing a car by relaying a signal from the fob key inside the home to the car in the driveway. This fob replay attack effectively allows thieves to unlock a vehicle and start the ignition then are able to drive off with the vehicle undamaged. Later on, the thieves swap out the VINs, and reprogram new key fobs to work with the stolen vehicle.
Defcon Cyber Security and Hacker Conference Focus on Vehicle Exploitation in 2018
In 2018, Defcon, a popular cybersecurity event, attended by black and white hat hackers, featured its first Car Hacking Village. During that convention, a good deal of technology related vulnerabilities on vehicles were shared. Both White and Black Hat hackers attend these events. The Black Hats are the bad guys that seek to use security vulnerabilities to exploit weaknesses and commit crimes.
Motor Vehicle Theft data sets have yet to be released for 2021 for the entire United States. Early indicators show these types of crimes are experiencing rapid growth across the US.
High end vehicles are more likely to have keyless entry and remote ignition starting capabilities. They can also fetch a higher dollar amount when resold outside the US. As a result, according to New Jersey state police officer Cory Rodriguez, “Car theft in 2021 is up over 21% year-to-date for total thefts and about 44% for high-end vehicles.” Reports have indicated that thieves are using technology to execute vehicle thefts more efficiently and without immediate detection.
Chicago Motor Vehicle Thefts Climb with Fewer Arrests Made in 2021
Chicago Police Officers have witnessed thieves using laptops and other cyber tools to accelerate their ability to quickly steal locked vehicles. Data compiled from the City of Chicago website shows that “Motor Vehicle Thefts” across the city are accelerating at an alarming rate. The problem isn’t specific to Chicago and vehicle thefts appears to be increasing across the country as well.
Doorbell video: Car thieves use computing device to steal SUV in Metropolitan ChicagolandElmhurst – Video by WGN News
In Chicago, February 2021 crime statistics reported a total of 627 Motor Vehicle Theft incident reports filed. Of those reports, only 26 (4.1%) resulted in an arrest. Comparatively, last month in January 2022, there were 1,073 Motor Vehicle Theft related police reports filed, with only 20 (1.8%) of those resulting in an arrest.
Our data analysis of Chicago Crime statistics for the 12 month period beginning February 2021 until January 2022 indicates that there were a total of 10,823. Motor Vehicle Theft incidents reported. This equates to 395 per 100,000 persons based on Chicago’s 2021 estimated population of 2,739,797.
Vehicle thefts on the rise throughout the USA
Vehicle theft isn’t just rising in Chicago. In fact, Chicago doesn’t even rank among the top 20 US cities in vehicle thefts. For example, California, Texas and Florida are continually among the top states in vehicle theft per capita. Bakersfield, California has been the top city in vehicle thefts since 2019 and in the top 10 even longer. The rate of vehicle theft went up almost 25% from 2019 in Bakersfield in 2020.
(Denver statistics filtered for reports coded as any of the following; “burg-auto-theft-busn-no-force”, “burg-auto-theft-busn-w-force”, “burg-auto-theft-resd-no-force”, “burg-auto-theft-resd-w-force”, “robbery-car-jacking “, “theft-items-from-vehicle”, and “theft-of-motor-vehicle”) California, Texas and Florida lead the states with the greatest number of vehicle thefts and accounted for 37% of all Motor Vehicle Thefts in the nation, based on 2020 National Insurance Crime Bureau statistics.
Since the start of the pandemic, there has been much disruption in some industries. Many businesses have been challenged during the pandemic as a result of the difficulty of managing cyber and data security. Data breaches relating to remote workers and hacking of corporations continue to escalate at an alarming rate, require prompt response to mitigate the fallout.
There have been several significant shifts in the ways that businesses operate and their reliance on digital systems. Many businesses moved to a largely remote working model. Some have had to focus more on online activities in order to keep their brands active and visible. Businesses in a number of industries began to deliver products and services online for the first time. Meanwhile, those that already existed in online spaces saw an increase in business. All of these changes have meant that various security issues have arisen and become more prominent for businesses everywhere.
Increase in corporate data breaches
Cybercriminals have been taking advantage of the unprecedented circumstances caused by the pandemic, exploiting the vulnerabilities of businesses everywhere. Verizon carried out a recent study called ‘Analyzing the COVID-19 data breach landscape‘, which looks at 36 confirmed data breaches that were directly related to the pandemic. In addition, there was 474 data breaches between March and June 2020. Using this data, they determined that many cybercriminals were using the same methods to obtain data as before the pandemic while exploiting the disruption experienced by many businesses.
One way in which corporate data breaches have been impacted by the pandemic is through increased use of ransomware. Seven of the nine malware incidents from Verizon’s 36 COVID-19 data breach cases demonstrated a spike in ransomware usage. Another change is in the way that criminals use phishing emails to play on the emotions of users. In a time when stress is high and mental health problems have increased, many people are more susceptible to phishing emails. Phishing was already a popular and often successful form of cyber attack before and even more so now.
Cost of data breaches for companies hit a record high in 2021
The cost of a data breach also hit a record high during the pandemic, according to IBM Security. They revealed the results of a global study showing the average cost of data breaches for companies surveyed was $4.24 million per incident. This is a 10% increase from the previous year. When remote work was a factor in the breach, data breaches cost an average of $1 million more. Stolen user credentials were the most common cause of data breaches. However, the study also showed the use of methods such as AI, security analytics, and encryption helped to reduce costs.
The COVID-19 pandemic has affected corporate data breaches due to a number of shifts in the way businesses are working, user behavior, and more. It’s vital for companies to take the right steps to prevent breaches and protect themselves.
If your company recently fell victim to a cyber attack, such as ransomware, or suspected data exfiltration by an unknown hacker, call Enigma Forensics today. We offer emergency incident response services and can help preserve available data, identify the origins of the attacker, and assist with the restoration of company services. Our experts have experience testifying and helping to mitigate risk and maximize your potential of recovering damages and lost data. Call us today at 312-668-0333 for a complimentary consultation.
Apple has filed a lawsuit against NSO Group relating to their installation of Pegasus spyware on Apple users’ devices. Apple wishes to hold NSO Group accountable for their surveillance of users.
Apple has taken the significant step to begin notifying individuals about the threat of state-sponsored attacks on their accounts and devices. Apple is suing NSO Group and its parent company to attempt to hold them accountable for surveillance of Apple users. Their lawsuit, filed November 23, 2021, seeks an injunction to ban NSO Group permanently from using any Apple software, services, or devices. It comes after NSO Group has been shown to have infected Apple users’ devices with Pegasus spyware.
Apple’s Actions to Notify Impacted Users
Apple threat notifications are intended to provide warnings to individuals who may have been targeted by state-sponsored attacks. They use two different methods to notify the user through their account. When logging into appleid.apple.com, there will be a Threat Notification displayed at the top of the page. Additionally, the user will receive an email and an iMessage notification to the email addresses and phone numbers associated with their Apple ID account. The notifications offer advice on the steps that they can take to improve their security and protect their devices and personal information.
In a press release, Apple’s senior vice president of Software Engineering, Craig Federighi, said, “State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change.”
NSO Group Allegations
The legal complaint from Apple reveals new information about the activities of NSO Group. It highlights FORCEDENTRY, which exploited a former vulnerability to gain access to Apple devices and install the NSO Group’s spyware Pegasus. The lawsuit from Apple intends to both ban NSO Group from having access to Apple products and services and to seek action on the violation of federal and state law by the NSO Group.
WhatsApp Similar Litigation
In 2019, WhatsApp also brought a court case aiming to hold NSO Group accountable for distributing their spyware through the app. A group of other tech companies, including Google and Microsoft, lent their official support to WhatsApp to encourage the United States Court of Appeals for the Ninth Circuit to hold NSO Group accountable.
Apple responds by funding Cyber Threat Research
Apple has also announced a $10 million contribution in support of cyber-surveillance researchers and advocates. Any damages from the lawsuit have also been pledged to organizations in these areas. Apple is also supporting Citizen Lab, a research group at the University of Toronto that originally discovered the exploit that NSO Group used, by providing technical, threat intelligence, and engineering assistance at no charge. They will also provide assistance to other organizations doing work in the same field, where appropriate.
Ron Deibert, director of the Citizen Lab at the University of Toronto said, “Mercenary spyware firms like NSO Group have facilitated some of the world’s worst human rights abuses and acts of transnational repression, while enriching themselves and their investors. I applaud Apple for holding them accountable for their abuses, and hope in doing so Apple will help to bring justice to all who have been victimized by NSO Group’s reckless behavior.”In response to the complaint, NSO Group replied, “Thousands of lives were saved around the world thanks to NSO Group’s technologies used by its customers”. They said, “Pedophiles and terrorists can freely operate in technological safe-havens, and we provide governments with the lawful tools to fight [them]. NSO group will continue to advocate for the truth.”
When you’re requesting that a defendant produce medical records from their Health Information System (“HIS”), it can be difficult to know where to start.
Below, we’ve laid out the database table names for Synapse PACS, providing a roadmap to the data you’re seeking. It is possible to generate an EMR audit log using data from any of the listed tables that delineates specific fields contained within those tables.
Sometime in the near future, we will be adding detailed table field pages to show the types of fields contained in each of the listed tables. In the meantime, if you are seeking discovery of the audit trail logs for any Synapse PACS HIS, we are happy to provide a complimentary consultation.
