Law Firm Cybersecurity: See Which Firms Reported a Data Breach From

A investigation finds that law firms are falling victim to data breaches at an alarming rate, exposing sensitive client and attorney information. These incidents, most unpublicized before now, may just be the tip of the iceberg.


“Law firms are only going to make those reports when they’ve confirmed through a forensic investigation that reportable information has been touched,” said Austin Berglas, former head of the FBI’s cyber breach unit in New York and now global head of professional services at cybersecurity company BlueVoyant. “They’re not going to report every event, every spearfishing campaign—they see it every day.”


About 20 states and the District of Columbia don’t require law firms, to report data breaches to state authorities.