Hackers broke into the computer networks at some of the country’s most prestigious law firms, and federal investigators are exploring whether they stole confidential information for the purpose of insider trading, according to people familiar with the matter.
I recall visiting a friend at a law firm and pointing out that their server racks were easily accessible (they were tucked into corners) and that the firm really needed to improve its security.
A week later, an associate tripped while attempting to retrieve a balled-up piece of paper (she missed the rubbish basket while taking a shot), and fell behind the server, ripping out all the wires and damaging the server connectors and ports.
The law firm lost all email in Europe for 72 hours.
Are your law firms part of your third party / vendor management program? Are they as rigorously vetted as your other vendors?