In October 2025, DocketWise (a cloud-based immigration case management platform for law firms) discovered that credentials to one of its third-party partner repositories had been accessed by unauthorized individuals. The investigation confirmed that attackers used valid credentials to clone certain third-party partner repositories, some of which were used in a data migration pipeline for the DocketWise application. The repositories contained unstructured data belonging to DocketWise’s law firm customers, including personal information of their immigration clients. Approximately 116,666 individuals were affected. Highly sensitive data was exposed including names, Social Security numbers, dates of birth, driver’s license and passport numbers, financial account details, payment card information, medical records, and login credentials — particularly sensitive given the immigration context. DocketWise did not begin notifying affected individuals until April 3, 2026 — approximately 5-6 months after discovery — potentially violating state breach notification laws. Multiple class action law firms including Edelson Lechtzin LLP, Migliaccio & Rathod, and Cole & Van Note launched investigations.