The cyber espionage frontier hit a new level this week as reports state that attackers have targeted major international law firms with the intention of obtaining vital M&A information.
Flashpoint, a New York based security firm, published a public warning highlighting the activities of a Russian cyber hacker living in Ukraine scrutinizing the deal information of several big law firms, including Hogan Lovells, Freshfields and Allen & Overy. It could not comment however, on particular details, which have been instead turned over to the appropriate law enforcement bodies.
Another victim of the hack attack, London and New York based law firm Cravath Swaine & Moore, says it was “not aware that any of the information that may have been accessed has been used improperly,” after highlighting that its information had already been breached in 2015. “Client confidentiality is sacrosanct. We will continue to work to ensure our systems are best in class,” it stated.
The Solicitors Regulation Authority says the occurrence goes to prove the need for law firms to evaluate their own security systems in order to keep client information private. “We have raised this numerous times, and we would urge all firms to ensure they have appropriate processes and procedures in place. Any firm which has a data breach that compromises confidential client information has an obligation to let us know,” it says.
Security experts have also pointed out that in the process of M&A deals, law firms are often the “weak link” in terms of privacy.