Virtual Breaches, Real Liability

CLE session focuses on data breaches, ransomware and attorneys’ responsibilities

A hacker group calling itself Guardians of Peace in 2014 gained access to all of Sony’s servers. Once inside, the group leaked employees’ personal information, emails, executive salary data and unreleased films.

The massive data breach might have seemed unlikely to happen to less high-profile companies. But according to data from the American Bar Association, 14 percent of all law firms have experienced a security breach, a conservative figure because the data collection relied on self-reporting. And 43 percent of those firms have fewer than 50 attorneys.

Cyber security and professional liability experts sent the message to attorneys during a CLE session on Aug. 29: A data breach very much can happen to you, and liability concerns come along with it.

“Law firms are a target-rich environment for hackers,” said Michael Barrett, the risk control director for CNA Financial Corporation’s Lawyers Professional Liability Program. “They do want information, because essentially information is the new currency.”

To read this story and other complete articles featured in the September 4, 2017 print edition of Law Week Colorado, copies are available for purchase online.