TWO data security incidents affected immigration law firms and their clients, as detailed by DataBreaches[.]Net. DocketWise, an immigration and case management solution, informed the Maine Attorney General’s Office on 3 April that a September 1 2025 breach affected the personal information of its law firm clients’ clients, with data including names, addresses, Social Security numbers, government IDs and other details.
The firm said the incident involved unauthorized access to credentials used to clone third‑party partner repositories used in a data migration pipeline, and that 116,666 people were affected, including 13 Maine residents; no ransom or extortion demand has been reported, and there is no evidence that the incident targeted immigration firms.
Separately, on 5 March a misconfigured Amazon bucket exposed approximately 111,000 files belonging to an immigration law firm in New York City, prompting DataBreaches to alert Dalbir Singh and Associates, PC and Sprint Legal LLC, though it is unclear if the bucket’s data relates to DocketWise. The bucket was secured the following day, and DataBreaches notes that any notification to clients remains unknown.