Top 6 Cyber-Attacks on Law Firms
"Law firms have been victims of some of the most damaging hacks in recent history." - ABA Journal
Law Firms have increasingly become major targets for cyber-attacks. Practices of all sizes are at risk as they handle many types of sensitive data yet are intimidated by applying necessary safe guards to secure it. Protecting data is the most critical step all law firms must enforce but many put it off assuming they'll never be targeted.
These are the top 6 data breaches in recent history according to the ABA Journal:
1. PANAMA CITY
Panama Papers—More than 11.5 million documents from the Panama-based law firm Mossack Fonseca were leaked to the public. The information leaked was 2.6 terabytes of data, which is more than the contents of the Edward Snowden National Security Agency leaks and the 2010 WikiLeaks documents combined. The International Consortium of Investigative Journalists combed through hundreds of thousands of documents to reveal the law firm’s involvement in helping to create more than 200,000 shell corporations for tax evasion purposes. The fallout has been substantial. Iceland Prime Minister Sigmundur David Gunnlaugsson resigned after accusations of fraud, and Jose Manuel Soria, the minister of industry for Spain, also resigned after information came out about his family’s offshore accounts. Uruguay also arrested five people for money laundering associated with Mexican drug cartels.
2. NEW YORK CITY
Cravath/Weil—On March 29, 2016, the Wall Street Journal reported that hackers had broken into the files of some of the biggest law firms in an insider-trading scheme that involved planned mergers. Although the Manhattan U.S. attorney’s press release didn’t name the firms, news media matched details in the release to law firms that represented parties in the mergers and named Cravath, Swaine & Moore and Weil Gotshal & Manges as being victims of the hack. The press release linked the hacks to three foreign nationals who used information stolen from the firms for insider trading, gaining more than $4 million.
Oleras—In February 2016, an alert went out to 46 law firms in the United States and two law firms in the U.K. that Ukraine-based hacker Oleras was advertising phishing services on a Russian website. According to the Wall Street Journal, this was related to the March 2016 breaches of major law firms.
Thirty Nine Essex Street—On Feb. 24 and 26, 2014, the U.K. firm Thirty Nine Essex Street was cyber-attacked. Booz Allen Hamilton, a technology consulting firm, reported that the attack was most likely from the Russian state-sponsored group Energetic Bear. This group is linked to hacking utility companies in the United States and Europe in 2014.
Trust Account—In December 2012, a Toronto-based law firm was hit with a computer virus, which stole a six-figure amount from the firm’s trust account. The hackers installed a Trojan horse virus to get access to passwords to the firm’s bank accounts.
6. WASHINGTON, D.C.
Wiley Rein—Also in 2012, Wiley Rein, one of the largest law firms in Washington, D.C., was hacked, most likely by Chinese state-sponsored operatives. According to Bloomberg News, the hackers wanted information related to SolarWorld, the German-based manufacturer that produces solar panels. SolarWorld’s computers were hacked at about the same time.
Tritium Information Security provides enterprise level assessments at affordable prices. We customize solutions that fits your business’s needs. We not only help remediate system flaws, but also test that the implemented updates in your security policy improve the protocols in place.
Take Tritium's FREE online security assessment today and discover where your business stands.
Don’t become a victim, protect your clients and take your free online assessment today!
Source: American Bar Association Journal