Conveyancers beware as data stolen from listed law firm
Cyber crime hit the headlines again last week as listed city firm Gateley reported client data had been stolen during an attack on its IT network.
A statement to the London Stock Exchange on 16th June confirmed that the firm was managing an incident in which its IT system had been breached and client data subsequently stolen.
Gateley stated that the incident was swiftly discovered and managed, and that all stolen data, around 0.2% of client data, had now been traced and deleted from the compromised external location, and that there is no evidence to suggest that the data has been leaked further.
The recently released Hiscox Cyber Readiness Report 2021 identified a significant increase in the number of organisations targeted by cyber criminals, with 43% of those surveyed reporting one or more attacks, up from 38% in 2020. 28% of organisations affected reported being attacked on more than 5 occasions.
The financial impact of cyber attack is laid bare by the report which states
“in one-in-six of all firms attacked this year (17%) said the impact was serious enough to ‘materially threaten the solvency or viability of the company’.”
For conveyancers in the midst of the busiest period many have ever witnessed, vigilance is key. Earlier this month Bold Legal Group circulated a reminder to members following an email purporting to be from Skipton Building Society requesting information about the firm’s panel application.
On this occasion closer inspection revealed the email to be from a “Gmail” account but the description of the methodology is similar to many others; the style of an official email is effectively cloned by a fraudster so that on first glance it appears to be legitimate. The advice is to remain vigilant and check all incoming emails thoroughly before opening, clicking, or responding and never reveal usernames or passwords on email.
The Gateley breach has been reported to the relevant regulators and law enforcement agencies with affected clients expected to be informed by Gateley pending further internal investigation, which will continue for the next few days.
Rod Waldie, CEO of Gateley stated:
“We are continuing to work with specialist cyber security professionals to investigate the incident and identify any parties that may have been affected and we will, of course, contact anyone affected in due course. In the meantime, we are restoring all of our systems in a safe and secure manner as quickly as possible and do not expect at this stage any significant disruption to our day-to-day activities or financial performance.”
Although Gateley’s financial performance was thought not to be affected by the incident, the firm suffered an immediate 8% downturn in share value.
Waldie praised the IT team at Gateley for their quick response to the incident:
“IT security is of paramount importance to Gateley and we had carefully planned for the occurrence of risk that a cyber breach could have on the business. Incidents of this nature are, sadly, prevalent. I am grateful that the prompt actions of our IT team have limited the impact of this incident and enabled us to resume our business operations swiftly.”