Proskauer Rose, a global law firm based in New York, is investigating a data exposure incident in which information from its mergers and acquisitions practice was left on an unsecured cloud server for over six months. TechCrunch first reported the incident, and Proskauer stated on Friday confirming the incident and acknowledging that the data was exposed in a cyberattack. The law firm did not identify the type of data that was exposed.
In the statement, Proskauer said that an outside vendor had been retained to create an information portal on a third-party cloud-based storage platform, which was not adequately secured. Proskauer’s tech security team learned of the incident and resolved the issue two weeks ago. The law firm stated that its IT security team immediately took steps to reconfigure the site and secure its data. Proskauer is working with in-house and third-party cybersecurity experts to investigate the incident and confirm their understanding of the facts. The law firm also said it would communicate promptly with all affected parties as soon as it gains sufficient information to responsibly do so.
Proskauer emphasized that their data protection is taken incredibly seriously and that they take aggressive steps to monitor and protect against any unauthorized access or use of that data. The law firm stated that it is an ongoing investigation and would communicate promptly with all affected parties as soon as it gains sufficient information to do so responsibly.
The incident highlights the need for proper cybersecurity measures in the legal industry. According to Law360 and Bloomberg Law, some BigLaw firms face legal issues due to exposed data. The U.S. Securities and Exchange Commission sued Covington & Burling in January to obtain the names of 298 publicly traded clients affected by a 2020 cyberattack. Meanwhile, two proposed class actions were filed against Smith, Gambrell & Russell in March over a July 2021 cybersecurity breach. The suits allege that the firm failed to safeguard client information and waited too long to disclose a hack of its cloud-based database.
Submit your job openings with BCG Attorney Search and start building your dream team.
Proskauer has not yet faced any legal action concerning this incident. The law firm is taking measures to mitigate the damage and is working to ensure that similar incidents do not occur in the future. As the legal industry continues to face cyber threats, it is important for law firms to take proactive measures to protect their clients’ data and safeguard their reputations.