Following the potentially historic data breach of IT management software provider SolarWinds late last year, law firms are dealing with another cyberattack that might hit closer to home. On March 2, Microsoft announced that some users of its Exchange Server were attacked.

Unlike SolarWinds, Exchange’s email, calendar and contacts features are heavily used by law firms of all sizes, observers said, meaning hackers could gain access to personally identifiable information (PII) that triggers data breach notifications and exposes client information.