Data breaches, like lawyers in Washington D.C., are everywhere. Nobody is above attack — hotels, retailers, film studios, tryst-sites, even the ASPCA all have been targets. Therefore, it comes as no surprise that, according to the 2015 ABA Legal Technology Survey Report, 15% of law firms have reported experiencing a data breach. I would suggest that number is, likely, extremely under-reported. Lawyers love their data and information. It is there stock-in-trade, and it is not given up without a fight. So, if it’s taken from them, stolen, it’s probably not something they would openly admit.
Law firms and the client and deal-data they hold are high value targets. This point has been underscored — and effectively marketed — by what is being called the biggest online leak in history when a reported 11 million documents (roughly 2.6 terabytes of data) were allegedly extricated from a Panama-based law firm. Notably, these headline grabbing “Panama Papers,” are said to reflect money laundering to offshore private accounts by a number of world leaders and senior government officials. Moreover, the value of law firm data is so highly regarded that a Ukrainian cyber-fence/broker named Oleras actively recruited and directed hackers to access U.S. law firm networks. The result of this effort was the systematic targeting of nearly 50 elite law firms to collect confidential client information for, assumingly, financial gain; while having the ancillary effect of rattling client confidences.