Law Firms Vulnerable to Hackers

I recently read a New York Times article about three men who made millions by hacking merger and acquisition lawyers.¹ The piece underscores what I perceive to be a current trend. Because law firms are key targets for hackers due to the firms’ highly sensitive and profitable data, many legal organizations now realize that they are fighting an uphill battle. With technology rapidly advancing, hacker capabilities improving and data growing exponentially, many law firms are aware that maintaining security could mean hiring a small army of technology/security specialists and constantly investing in updated software and hardware. The potential cost is enormous and usually not a high priority for law firms, which tend to focus their efforts on activities that add to the bottom line. One alternative approach is to hire experienced service providers that can effectively manage the firm’s most sensitive data. This allows the firm to better focus on what it does best: practice of law.

The key issue, as the Times article points out, is that a firm’s email communications and client data in the form of electronically stored information could be a gold mine for hackers. Whether their clients are being sued, investigated or in the process of being bought or sold, law firms often have sensitive client documents stored in internal eDiscovery systems. Hackers go after the weakest link in the data security chain to get their prize. I suggest that if a law firm is not willing or able to invest internally in the necessary people, processes and technology to secure their clients’ data, then outsourcing to service providers that offer the expertise to meet this challenge is a strategy well worth considering.

Feel free to visit the Legal Services page of our website for more insight on industry trends including case histories, white papers, research reports and more.

1. Picker, L. (2016) “3 Men Made Millions by Hacking Merger Lawyers, U.S. Says.” New York Times, December 27, 2016.