They write…”More Than 100 Law Firms Have Reported Data Breaches. And the Problem Is Getting Worse A Law.com investigation finds that law firms are falling victim to data breaches at an alarming rate, exposing sensitive client and attorney information. These incidents—most unpublicized before now—may just be the tip of the iceberg.”
The introduce their piece by saying..
Despite a number of high-profile breaches putting firms on notice of cyber risks in recent years, there are indications that law firm breaches are occurring more frequently, not less.
For instance, in New York state, the number of unique law firm data breaches doubled to eight in 2018 from four the previous year, affecting nearly 1,500 individuals, according to reports submitted by the firms.
Some cybersecurity lawyers and consultants said the reports likely represent a tiny fraction of the breaches affecting the legal industry. Law firms, like other privately held businesses, don’t often publicize when their data is breached, and many may not report it to state officials, depending on the law.
Austin Berglas, former head of the FBI’s cyber branch in New York and now global head of professional services at cybersecurity company BlueVoyant, said law firms are a top target among hackers because of the client information they possess.
“They are a one-stop shop,” Berglas said. And because law firm success is often tied to their reputation for preserving attorney-client privilege, they may be more willing to pay hackers off if they fall victim to ransomware, he added.
“Law firms are only going to make those [data breach] reports when they’ve confirmed through a forensic investigation that reportable information has been touched. They’re not going to report every event, every spearfishing campaign—they see it every day,” Berglas said.
Read full article: https://www.law.com/2019/10/15/more-than-100-law-firms-have-reported-data-breaches-and-the-picture-is-getting-worse/
