A Lawyer’s Worst Nightmare

of businesses are closed 6 mos. after a data breach
0 %
of attacks are delivered through email
0 %
of businesses have cyber liability coverage
0 %
of cyber claims get denied due to non-compliance
0 %

Cautionary Tale: A $3.5M Breach for a Law Office with 2 Computers and "Everything in the Cloud"

In the fast-paced and interconnected world of law firms, the importance of cyber risk management and cybersecurity cannot be overstated. This cautionary tale recounts the devastating experience of Mark & Associates, a law firm that endured a crippling cyber attack. While the firm’s location and true identity remain confidential along with the individual’s names, the events and lessons learned shed light on the pervasive threat faced by legal professionals. We’ll briefly navigate through the causes, effects and challenging aftermath of this breach and highlight the crucial need for continuous vigilance in the realm of cybersecurity.

Chapter 1: The Calm Before the Storm

Mark & Associates appeared to be a thriving and reputable law firm, with a dedicated team of professionals. Mark, an experienced attorney, and Juli, a diligent legal assistant, were the backbone of the firm. However, a critical oversight in their cybersecurity infrastructure would soon expose their vulnerabilities to the dark world of cybercrime.

Chapter 2: The Trap is Sprung

Juli innocently opened an email attachment from an unfamiliar source, unknowingly triggering a meticulously crafted trap. Unbeknownst to the firm, cybercriminals gained unauthorized access to their network, lurking undetected for an astonishing 87 days.

Chapter 3: The Reckoning

On that fateful 87th day, chaos erupted within the firm as the cybercriminals revealed their true intentions. The firm’s computer systems were seized, and a menacing message appeared on every screen. The threat was clear and ominous. The cybercriminals demanded a staggering ransom of $3.87 million, precisely matching the proposed list price of Mark’s firm.

Chapter 4: The Negotiation

Negotiating with the cybercriminals was a daunting task, one that required meticulous planning and strategic maneuvering. Through painstaking negotiations, the ransom was eventually reduced to $2.6 million. While still an exorbitant amount, it provided a glimmer of hope for Mark and his team.

Chapter 5: The Fallout

Although Mark paid the negotiated ransom, there was no guarantee that their clients’ information would remain confidential. The unsettling truth was that once data falls into the hands of cybercriminals, the victim of a data breach has a legal obligation to notify affected individuals, including clients and others whose data may have been compromised.

Chapter 6: Picking Up the Pieces

With the ransom paid, Mark & Associates faced the challenging task of fulfilling their legal obligation to provide proper notification. They engaged legal counsel and cybersecurity experts to develop a comprehensive strategy for notifying clients and other affected parties. The firm crafted notification letters, offering resources and support to those impacted by the breach.

Chapter 7: The Lingering Effects

As of the time of writing, Mark & Associates continues to grapple with the aftermath of the cybersecurity breach. The firm remains in a state of recovery, working diligently to rebuild trust with clients, opposing parties, and the legal community. They have implemented enhanced security measures, engaged in open communication, and demonstrated their commitment to protecting client data.


The story of Mark & Associates serves as a cautionary tale, revealing the devastating impact of a cybersecurity breach on a law firm. The threat of cyber extortion, the exorbitant ransom demand, and the subsequent negotiation underscore the gravity of the situation faced by legal professionals. While the firm managed to navigate the treacherous waters of the cyber attack and make a difficult choice in paying the ransom, the journey to recovery is ongoing. Mark and his team face the arduous task of rebuilding their reputation, ensuring the security of their systems, and regaining the trust of their clients.

The experience of Mark & Associates serves as a stark reminder to all lawyers of the urgent need to prioritize cybersecurity measures, including multi-factor authentication, to protect sensitive client information and defend against cyber threats that can upend an entire practice. By learning from their story, legal professionals can fortify their defenses, honor their ethical obligations, and safeguard the trust and confidentiality entrusted to them by their clients.

By Derreck Ogden

Fill out the form below and one of our expert team members will contact to you to talk about your business’s bright future in these uncertain times! 

Contact Us Today!

Your business is constantly exposed to cyber threats that could damage your reputation, compromise sensitive data, and even bring operations to a halt. Waiting to take action against these threats puts your business at a greater risk of attack. It’s time to take control of your technology infrastructure and protect your business. Don’t wait any longer to get started.

Connect with the WOM Technology Management Group today and take the necessary steps towards securing your business. Our team of experts will get back to you within one business day to begin your journey towards confidence in your technology infrastructure.

Our Confidence as a Service™ model offers a unique approach to technology optimization and cyber risk management. With our comprehensive suite of services, we can help you achieve your business goals and reduce the likelihood of cyber attacks. By working with us, you’ll have access to a team of professionals with years of experience in technology and cyber risk management.

We are excited to work with you and show you how Confidence as a Service™ can revolutionize your business technology infrastructure. Don’t hesitate any longer to make the change your business needs. Contact us now and let’s get started.

Leave a Reply

Your email address will not be published. Required fields are marked *