Extract from Robert Hilson’s article “‘Where Is My Data?’ If You Can’t Answer, It’s Time to Wake Up”
About four years ago, on this very blog, we published a post entitled: Law firms’ inability to protect client data is a national security concern. Scaremongering? Some said so.
But on the heels of reports in the Wall Street Journal and Fortune that Chinese state actors had hacked the email accounts of multiple Big Law partners, it would’ve been tough in the moment to mount an opposing argument.
In that instance, cybercriminals methodically siphoned valuable business intelligence an email per hour to external servers. And while the victim firm said that the breach was “limited” and that it was not aware that any of the accessed information had been used improperly, it also didn’t realize the breach had even occurred until day 93 of the ongoing attack.