Most Commonly Reported Breach Incidents by Lawyers and Law Firms

By Albatross Editorial Team

Client data is unarguably the most vital asset that a law firm has, making the protection of said data one of the most essential tasks a lawyer has. Unfortunately, incident breaches resulting in the loss, theft, or disclosure of data happen; When this occurs, law firms are required to act immediately to identify, notify, and resolve the issue. You learn more about what to do in the case of a data breach incident here.

Information on over 100 filed law firm incident breach reports from 2019 was gathered recently by Law.Com. While this is already a substantial number, it’s reported that experts in cybersecurity indicate the number is much higher than that.

We’ve listed the incident breaches in accordance with the category below for reference.

  • Inadvertent Disclosure (e.g., accidental sharing of information by an employee or service): 26
  • Loss or Theft of Device or Media (, laptop, external hard drive, thumb drive, CD, tape): 30
  • Insider Wrong-Doing (e.g., purposeful misconduct of an employee): 3
  • External Systems Breach (e.g., hacking): 62
  • Other: 7

The numbers above reveal an unsettling bit of information - external systems breaches, like hacking or ransomware, are responsible for the majority of incident breaches. While all businesses are open to cybersecurity problems, law firms are viewed by security experts as being especially open to hacking and theft; This is due to the substantial amount of sensitive data law firms have on clients at any given time. When data breaches occur, they expose not only the law firm but the law firm’s clients, which can open the door to a variety of issues depending on the severity and nature of the incident.

According to ABA Formal Opinion 483, “Lawyers’ Obligations After an Electronic Data Breach or Cyberattack”:

“Data breaches and cyber threats involving or targeting lawyers and law firms are a major professional responsibility and liability threat facing the legal profession. As custodians of highly sensitive information, law firms are inviting targets for hackers. In one highly publicized incident, hackers infiltrated the computer networks at some of the country’s most well-known law firms, likely looking for confidential information to exploit through insider trading schemes. Indeed, the data security threat is so high that law enforcement officials regular regularly divide business entities into two categories: those that have been hacked and those that will be.”

While the breach incident numbers are indicative of a problem, they provide a reasonable basis for lawyers and law firms to maintain high-security standards and practices to protect them and their clients. When lawyers and law firms take proactive steps to prevent data theft and loss, it dramatically reduces their chances of becoming victims of cybersecurity. Some standard security practices all firms should consider are:

  • Developing a comprehensive security plan for the prevention and handling of cybersecurity.
  • Establishing clear security expectations of employees.
  • Creating an inventory list, including serial numbers, of all software and hardware used by employees.
  • Maintaining antivirus software on all company computers and devices.
  • Hiring an IT company or IT professional to ensure the most up-to-date security measures are taken.

Hire Us to Manage Your Tech

With Exceptional Tech Support

24 / 7 Help Desk

Let's face it, downtime, hiccups and technical challenges are unavoidable in every business and they can be frustrating and downright costly.

Our Solution

  • Any time 24/7 access to live person that can help
  • Proficient help desk staff means quick resolution
  • We are very friendly
  • Dedicated consultants that understand your environment

Software Challenges

  • Every small business relies on a handful of software to operate smoothly  (Outlook, Office 365, G-Suite, MS Office, Word, Excel, Adobe Acrobat, Cloud Software, QuickBooks)
  • Software needs updates, can be buggy and just simply doesn’t always work
  • Employees may need a hand in getting something done (exporting printing as PDF, shrinking an image, etc.)

Our Solution

  • We manage your software 
  • Your users can open tickets and we can help them live 
  • Software updates are all done by us

The Challenge with Laptops

  • Computers Break
  • Laptops get lost or stolen
  • Need to be replaced periodically and requires budgeting and installations costs

Our Solution

  • Desktops are Automatic and cloud based
  • No desktop or stolen laptop issues
  • Hardware is seamlessly upgraded
  • Performance is guaranteed

Malware is a Real Problem

  • Small Business are infected by viruses and malware at unprecedented levels
  • Malware can cost you money to fix if you are lucky to recover your data
  • Data leaks and breaches can put you out of business

Our Solution

  • Our seucirty packages are standard and include anti-malware
  • Employee controls are in place to prevent installation or download of malicious software
  • We are fast at identifying and responding to incidents to minimize any damage
  • Backups are automatic with every plan so you will never lose your data.

The Challenge with Printers

  • Printers run out of ink
  • Printers suddenly stop printing
  • Printers fall offline

Our Solution

  • Our staff is on standby to support your printers 24/7
  • We identify root causes to printer issues to avoid recurring problems.

Vendor Challenges

  • Too many tech vendors to manage (ISPs, Software vendors, hardware, apps)
  • Creating tickets is time consuming and frustrating process
  • Many issues are left unresolved with vendors because of poor support

Our Solution

  • We provide 24/7 support on your vendors
  • We open tickets for you and follow up till resolution
  • Our existing relationships with vendors allows us to efficiently navigate the vendor support process

Employee Management Challenges

  • Employee on-boarding is time consuming (emails, desktops, software) all need to be setup for new employees
  • Employees may encounter issues with access, logins, password. Their downtime can be costly
  • Departing employees require data to be transferred, laptops returned, accounts locked, etc, passwords changed

Our Solution

  • Our cloud option provide quick user setup for new employees meaning quick employee on boarding
  • We lock down the employees that leave and document the changes made

The Need for Monitoring

  • Monitoring is an essential component of any technology-dependent small business
  • Small businesses don’t usually invest in monitoring although it is a key component in preventing issues from happening (such as disk space, updates, high CPU pegs, and other connectivity issues)

Our Solution

  • Monitoring is built into our service, therefore you don’t have to plan, invest or worry about setting things up
  • Monitoring means smoother business operations, we reach out to you before a problem occurs

The Audit Challenge

  • As a small business owner, it is important to be able to prove accountability for compliance or employee reviews
  • Today’s small business don’t have any insight into who is doing what on the system and lack of visibility can mean higher risk

Our Solution

  • Our system is equipped to log every user’s account access from email access to desktop log-ons
  • We can provide you with reports that you need 

Learn about Legal Workspaces