eDiscovery Daily Blog

Last Year the Panama Papers, This Year the Bermuda Briefs?: Cybersecurity Trends

Last year, we covered the massive data breach at Panama-based law firm Mossak Fonseca (11.5 million documents, 2.6 total TB – yes, terabytes – of data stolen) that has come to be known as the “Panama Papers”.  Now, a Bermuda law firm has finally admitted to a data breach that evidently occurred last year.

According to The Register (Panic of Panama Papers-style revelations follows Bermuda law firm hack, written by John Leydon), Bermuda-based firm Appleby only admitted it had suffered the breach – which actually happened last year – after a group of journos from the International Consortium of Investigative Journalists (ICIJ), who had seen the leaked information, began asking awkward questions.

In a statement, Appleby denied allegations of any tax evasions or other wrongdoing by itself or its clients while admitting that it was “not infallible”. The law firm went on to state that it had shored up its security since the hack, stating “We are committed to protecting our clients’ data and we have reviewed our cyber security and data access arrangements following a data security incident last year which involved some of our data being compromised. These arrangements were reviewed and tested by a leading IT Forensics team and we are confident that our data integrity is secure.”

The Daily Telegraph (subscription required) reported that the leak involved some of Britain’s wealthiest people, who were said to be consulting lawyers and public relations executives in preparations for possible fallout from the hack.

Hat tip (as always) to Ride the Lightning, who noted that Appleby employs 470 staffers and operates from 10 offices across the world. It has stated that it offers services to global public and private companies, financial institutions as well as “high net worth individuals.”

It seems like a lot of “high net worth individuals” are getting their information stolen these days.  As Willie Sutton was reported to have said about why he robbed banks (though he denied saying it in later years) – because that’s where the money is.  Glad I don’t have that problem!  ;o)

BTW, if the term “Bermuda Briefs” takes off, you heard it here first…

So, what do you think?  What should happen to a law firm (or any organization) that fails to report a data breach in a timely manner?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

print