21 May 2024
A recent analysis of the Information Commissioner’s Office (ICO) data by a data breach law firm, Hayes Connor, revealed that the legal sector is one of the worst-performing sectors for data breaches..png?lu=716)
One in ten data breaches over 2023 occurred in the UK legal sector, showing that UK law firms are attractive targets for cybercriminals. Nearly 86% of the incidents within the legal sector involved breaches of basic personal identifiable information, with instances also prominently affecting sensitive economic and financial data. Additionally, 80 cases of breaches in the legal sector last year involved breaches of children’s data, which Hayes Connor stated raises serious concerns given the vulnerability of such information. The findings also showed the different incident types behind the data breaches, with the number one reason being emails sent to the wrong recipient. In 2023, 70% more phishing incidents and 268% more ransomware incidents were notified to the ICO compared to the previous year.
In in the first half of 2020, law firms reported that nearly £2.5 million of money held by firms had been stolen by cybercriminals, over three times the amount reported in the first half of 2019. Richard Forest, legal director at Hayes Connor, said that law firms are particularly susceptible due to the sensitive nature of the information they handle, such as personal details, business intel, and legal documents.
