The risk we have is incredibly real because of the sensitivity of the information we hold

Ropes & Gray privacy and data security partner Rohan Massey said: “The risk we have is incredibly real and we are now as a sector being targeted because of the sensitivity of the information we hold.

“As a profession we do need to ensure that our houses are safe and maybe we lag behind because we focus on clients.”

Philip Lieberman, president of Lieberman Software, said clients should be aware of the risks of law firm data breaches and satisfy themselves that a firm has necessary security measures in place before trusting them with information.

“There are some law firms with excellent automated and adaptive cyber defence capabilities, but many are stuck in the dark ages of wigs, candles to read by, and quill pens to write with,” he added. 

Private client partners in London agree clients will have questions around the security measures firms have in place following the leak.

“I’m sure there will be clients who are worried – they will read about it and wonder,” said one.

“We and other law firms constantly review whether we are as protected as we can be from hacking but any email is potentially disclosable and you have always got in the back of your mind ‘hopefully it will never happen to us’. Everyone is vulnerable and if you have got a rogue employee that’s just life.”

I’m sure there will be clients who are worried – they will read about it and wonder

In a statement to The Guardian Mossack Fonseca said: “We are responsible members of the global financial and business community.

“We conduct thorough due diligence on all new and prospective clients that often exceeds in stringency the existing rules and standards to which we and others are bound.

“Many of our clients come through established and reputable law firms and financial institutions across the world, including the major correspondent banks, which are also bound by international ‘know your client’ protocols and their own domestic regulations and laws.”

Others suggest that the stringent regulations in the UK around data protection and due diligence before taking on a client mean the chances of a similar data breach happening in the UK are slim.

Maurice Turnor Gardner partner, Richard Turnor, said: “Any UK law firm has been subject to anti-money laundering rules for years and before you take on a client you have to know who they are and consider if there are any concerns from a money laundering point of view.”

“All law firms, quite frequently, are unable to proceed with taking on a client because we are not satisfied,” he added.

Another private client partner added: “The best protection is to make sure you are not acting for people who have laundered money in Panama.”

Legal Week’s Strategic Technology Forum will take place on 15-17th June in Portugal. To view the programme click here. For sponsorship enquiries contact Peter Connolly on [email protected] or +44(0) 207 316 9426