Lessons Learnt from Law Firm Breach


The largest currently known data breach that hit Panamanian law firm Mossack Fonseca this week is understandably high profile in the world’s media. Over 11.5 million documents, 2.6TB of data and disclosures of possible tax avoidance by high profile world figures has been sent to the International Consortium of Investigative Journalists (ICIJ).  This story will be prominent for some time, but what lessons can businesses learn from it?

From a cyber security standpoint, this scale of data breach could be seen as inevitable but there are a number of key lessons that can be learned.

As we have stated on many occasions, every business and organisation is vulnerable.  Whilst you would expect those holding sensitive and confidential information to be rigorous with their data security, it shows that even the supposedly most sophisticated organisations can have vulnerable areas and weak spots that can and will be exploited by cybercriminals.  On its website, Mossack Fonseca presents its ISO 9001 certification and other security credentials as indications of its trusted status.  Early reports on the breach suggest that emails within the organisation were not encrypted with TLS protocols and the sheer volume of data released suggests that systems and processes were not protected to the level one should expect from a business trading in this sector.

Whilst this should act as a cue to all organisations, those within the legal sector should take this as a blunt reminder of just how vulnerable and at-risk they are.  By virtue of the nature of their businesses, legal firms hold substantial quantities of personal and financial data and should they suffer a breach, their reputation is likely to be irreparably harmed.

Additionally, organisations with a lower profile could be lulled into a false sense of security and believe they may be ‘under the radar’.  The reality is that those businesses are seen by cyber attackers as soft targets as they tend to be less secure and as such, open to automated attacks which can quickly harvest sensitive and valuable data such as credit card data, valuable intellectual property and customer contact information.

So what are the important lessons to learn from this? Here are four of the big ones:

  1. Locate your data. Yes, this sounds obvious but can you honestly say you know where data resides in your organisation and who has responsibility for it? Start asking questions now.  Find out who has data in your organisation, how and when they are using it and how is the use monitored?
  2. Review your data policies. Let’s assume you have published data policies.  When were they established and are they still current?  Have all the responsible managers physically signed acceptance to the policies and how often are reviews conducted?
  3. Conduct a data audit. Realistically, you are too close to the organisation to do this yourself.  You need an external expert who can look objectively at how your business uses data and identify where the processes need reinforcing and if you need new solutions to support your growing business now and into the future
  4. Evaluate new tech solutions. There are a number of new security and mobility solutions that will monitor, isolate, identify and remediate attacks and back up data.  Which options will work for your organisation?  Speak to independent IT security and mobility experts and find out what’s best for your business.

Now is the time to act.  Use this high profile breach to push data security up the agenda and reduce the risk of critical harm to your organisation’s reputation and financial well-being.



  • BYOD
  • Cloud
  • Cloudknox
  • CRN
  • Cyber
  • Hacking
  • Microsoft
  • Mobile App
  • MobileIron
  • Ransomware
  • Remote Working
  • SentinelOne
  • UEM

  • Free IT Security Solutions. Here To Help, When You Need It Most.

    Many of our trusted partners have rallied around to support in this challenging time. Listed of our technology partners offering FREE support at this time.

  • Combat Threats in Multi-Cloud Infrastructure

    When critical workloads can be deleted with a keystroke, understanding and managing privileges for all identities across your clouds is critical.

  • 0


    top 100 law firms experiencing an attack rising from 45% in 2013/14 to 73% in the most recent financial year.



    over £11 million of client money was stolen due to cybercrime