Law firms are low-hanging fruit in the cybercriminal world. Patrick Fallon Jr., assistant special agent in charge of the FBI’s Pittsburgh field office, explains, “Law firms are a rich target. They don’t have the capabilities and the resources to protect themselves. Within their systems are a lot of the sensitive information. … Therefore, it’s a vulnerability that the bad guys are trying to exploit, and are exploiting.”

Furthermore, following the recent flood of law firm data breaches including Cravath, Swaine & Moore and Weil, Gotshal & Manges, “plaintiffs law firms are already planning to bring class action legal malpractice litigation against legal industry players over the exposure of clients’ information.”