Protecting small firms from computer disasters
Cart 0

Exposure of Your Clients' Social Security Numbers and More

breach protection

Criminal hackers are regularly targeting smaller law firms as well as larger ones.

The ten-lawyer firm of Cohen Cleary was hit with litigation by clients that alleges:

[T]he “massive and preventable cyberattack” was a direct result of the firm’s failure to implement sufficient data security practices to safeguard consumers’ sensitive information, which the law firm allegedly stored in its systems unencrypted and unprotected.

You are not safe enough if you rely solely on your firewall, computer passwords and antivirus software to protect sensitive client information.

Theft of private client information

Cyber criminals struck the fourteen-lawyer firm of Spear Wilderman, specialists in representing labor unions. Their stolen client information includes:

  • Social Security numbers
  • Dates of birth
  • Driver’s license numbers
  • Credit card numbers
  • Bank Routing numbers
  • and more.
According to the litigation:
[C]ybercriminals were able to “easily” hack Spear Wilderman’s network because the law firm stored personal information in a database that could be accessed without a password or multifactor authentication. ... [V]ictims’ unencrypted information has already been listed for sale on the dark web, exposing them to a “substantial and imminent” risk of identity theft and fraud.

How can you protect against the compromise of your clients' sensitive infomation?

The best defenses are shields that stop criminals from connecting to your computers in the first place. Antivirus software simply is not enough. It acts to quarantine malicious code after it is downloaded to one of your computers.

You need antivirus protection, but it is porous. Additional shields can block access to the infected links and webpages before malware even starts its trip down to your computers.

Large firms have the resources to pay for and maintain expensive technologies such as:

  • Secure Web Gateway
  • Intrusion Detection and Prevention
  • Security Information and Event Management
  • Network Access Control
  • Email Security Gateway

Small law firms have options, too, but they are harder to find.

Today's increasingly widespread, automated attacks continue to raise the risks for firms of all sizes. You owe it to your clients and your firm to match your defenses with these threats.

No one wants to be in the position of having to explain to clients that their private information has been stolen, let alone face the litigation filed against the small firms, Spear Wilderman, and Cohen and Cleary.

Do you have questions about how to protect your firm? Let us know! Contact us...

Wells H. Anderson, J.D.  

Older Post

Leave a comment

Please note, comments must be approved before they are published