Hacking into Big Law names like Cravaths, Weil Gotshal and others has raised the stakes in the cyber security threat level for law firms generally.
Investigators are determining whether confidential information has been stolen from the hacking of the firms, who represent some of the biggest corporations in the world.
If data has been stolen for the purposes of insider trading, for instance, then it represents a major problem for law firms seeking to protect their clients, the markets and themselves.
The risks mount almost monthly too, with hackers promising further attacks upon law firms in the US and elsewhere.
The Federal Bureau of Investigation and the Manhattan U.S. attorney’s office are reportedly investigating the hacks.
Cravath told the Wall Street Journal that the hacking involved a “limited breach” of its systems and that the firm was “not aware that any of the information that may have been accessed has been used improperly.”
According to the report, hackers generally retrieve large amounts of information arbitrarily and then analyze it to see how it could be useful. This makes it difficult for investigators to find out whether any information was used for insider trading, experts told the newspaper.
Security firm Flashpoint reportedly issued alerts to law firms in January and February about another threat aimed at law firms, a source told the Journal. “It has definitely picked up steam,” the source reportedly said.
In a prepared statment, Cravath Swaine and Moore said: “Last summer, the firm identified a limited breach of its IT systems. We have worked closely with law enforcement authorities who have jurisdiction over this matter. Upon identifying the incident we immediately supplemented our IT security measures with the assistance of additional outside security consultants,” the statement continued.
