Law Firms Are Getting Hammered by Cyberattacks: Cybersecurity Trends

A couple of tips on articles, plus my own research, have made me realize that law firms are getting hammered by cyberattacks, perhaps like never before.

Articles from Bloomberg Law, The American Lawyer (here and here) and Insurance Journal were among the sources for some of the recent cyberattacks and stats below. Here are some of the law firms with recent hacks:

  • Bryan Cave Leighton Paisner (BCLP): Experienced a breach in late February that exposed the personal data of 51,110 current and former employees of Mondelēz International, the snack food company that makes Oreo cookies and Ritz crackers. Those employees were sent notices in June. BCLP has been sued in a class action lawsuit filed in the Northern District of Illinois, where the complaint took issue with the three-month period between the hack and the breach report, accusing the law firm and the company of leaving the employees vulnerable to identity theft.
  • Loeb & Loeb: Their data breach occurred in June 2022, while notification occurred nearly a full year later, according to a report filed to the California Office of Attorney General. As stated in the notification, the breach impacted “certain information related to current or former clients and employees.”
  • Gibson, Dunn & Crutcher: An unauthorized third party reportedly accessed two electronic file repositories at their Massachusetts office. Public records indicate three residents of the state had Social Security numbers and driver’s license numbers accessed by the third party; the firm declined to say whether any client data was accessed.
  • Orrick Herrington & Sutcliffe: According to the Massachusetts Office of Consumer Affairs and Business Regulation, Orrick suffered an electronic data breach that impacted six Massachusetts residents, although the firm’s filing did not indicate any key personal information was compromised.
  • Proskauer Rose: Large tranches of sensitive client information were found to be publicly accessible from its cloud-based site, after a third-party vendor who was contracted to set up the cloud site on Microsoft Azure “misconfigured” the site’s security, which left the client data on the site vulnerable to an unauthorized actor and anyone else with access to the internet.
  • Cadwalader, Wickersham & Taft: Experienced a cyberattack in November that prompted it to wipe the hard drives of firm-issued computers and take many of its internal systems offline for weeks—including email, document management, remote desktop access, and Wi-Fi and phone networks.
  • McCarter & English: A security breach at this New Jersey-based law firm in April 2022 left attorneys without access to email and remote work systems.

Those are just a few examples where law firms are getting hammered by cyberattacks. According to American Lawyer, law firm data breaches compromised the personal data of at least 720,000 Americans in 2021, up from 46,000 Americans in 2020 and fewer than 20,000 in the previous six years.

Are things any better over in Europe? Apparently not. French and British authorities say that hackers-for-hire are increasingly targeting law firms in a bid to steal data that could tip the balance in legal cases:

  • The London-based National Cyber Security Centre (NCSC) said in its report published on June 22 that it was increasingly seeing “hackers-for-hire” brought in “to gain the upper hand in business dealings or legal disputes.”
  • France’s cyber watchdog, known as ANSSI, said in its report released on June 27 that “mercenaries with offensive cyber capacities” were increasingly targeting the legal sector. ANSSI cited Reuters reporting last year on how mercenary hackers based out of India were being drafted to help sway high-profile cases in the United States, Europe and elsewhere.

All this is enough to make anyone ANSSI, er, antsy. The use of hackers to help sway cases is a unique threat for law firms (as if they didn’t have enough already) and helps explain why law firms are getting hammered by cyberattacks, perhaps like never before. Which means their clients are getting hammered by extension.

So, what do you think? Why do you think we seem to be seeing more cyberattacks on law firms than ever? Please share any comments you might have or if you’d like to know more about a particular topic.

Hat tip to Twilla Case, Debbie Reynolds and Terry Kurzynski for the tips on the articles!


Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.


  1. PART 1: There is nothing new here. As the FBI has noted, law firm attacks began in earnest in 2012 and have never stopped, spiking each year. Although two things you mention are kind of new: (1) the increase in the number of “hackers-for-hire”, and (2) the “offensive cyber capacities” have grown through simple, off-the-shelf variants. We have been covering these attacks on law firms since the inaugural Georgetown Law Cyber Conference in 2013, and the flurry of activity in 2016 (see links in PART 3 of this reply).

  2. PART 2: And if you read any of the reports from CrowdStrike or Mandiant or even CyberBrief, you’ll know Accellion FTA and ALPHV are still alive and well and active and being found in many law firms. And the SolarWinds APT is still being found. So, yes, cyberattacks on law firms will spike and it will continue to be whack-a-mole time. As recently noted by Steve King, a Cyber Sensei, we haven’t seen anything yet 🤷‍♂️
