More than two thirds of data breaches at UK legal firms were caused by insiders warns NetDocuments
UK News

NetDocuments logoData breaches caused by insiders remains a threat to the UK legal sector warns NetDocuments, the leading secure cloud-based content services platform for law firms, corporate legal teams, and compliance departments.

Based on analysis of the latest data from the Information Commissioner’s Office (ICO) from Q3 2021, 68 percent of identified data breaches in the UK legal sector (i.e., those where the origin could be identified) were caused by insiders, as opposed to only 32 percent caused by outside threats, such as external malicious actors.


At a time when the Great Resignation has created the “Great Exfiltration” whereby employees are leaving their jobs and taking their company’s data with them, the findings highlight the need for law firms to prioritise addressing threats from within and invest in the latest data security and governance controls. 

“Given the sensitivity and vast amount of data that law firms manage, the legal sector is one of the most at-risk industries from both accidental and intentional insider data breaches,” comments Andy Baldin, VP of International Business at NetDocuments. “The shift to remote working and the advent of the ‘Great Exfiltration’ has only exacerbated the issue. It’s clear that law firms need to be extra vigilant and take proactive steps to gain control over how files are accessed, and what users can do with them, while at the same ensuring their staff remain productive.” 


The analysis of the ICO data highlights the common causes of data breaches in the legal sector:

  • 52 percent of data breaches in the legal sector occurred from sharing data with the wrong person (i.e., via email, post or verbally)
  • 25 percent of data breaches in the legal sector occurred from phishing attacks
  • 10 percent of data breaches occurred from losing data (i.e., loss/theft of device containing personal data, or of paperwork or data left in insecure location)
  • 54 percent occurred from human error (i.e., verbal disclosure; failure to redact or use bcc; alteration of data; hardware mis-configuration; documents emailed or posted to wrong recipient)

“Whether malicious or through careless actions, data breaches can cause huge financial and reputational damage,” continues Baldin. “Law firms should look to prioritise Data Loss Prevention as part of their overall cybersecurity strategies. This will ensure that they have an extra line of defence when it comes to preventing exfiltration and the unauthorised or inappropriate use of data.”

Legal IT Today #32

NetDocuments recently held a webinar on firms keeping secure amidst the Great Resignation. A link to the recording can be found here

About NetDocuments

Founded in 1999, with more than 3,400 enterprise customers worldwide, NetDocuments is the legal industry’s most trusted cloud-based content services and productivity platform. Complete with state-of-the-art built-in security, compliance and governance solutions, NetDocuments offers document management, email management and collaboration technology complete with disaster recovery, enterprise search, and matter centricity features. For more information about NetDocuments, please click here.


Copyright © 2023 Legal IT Professionals. All Rights Reserved.

Media Partnerships

We offer organizers of legal IT seminars, events and conferences a unique marketing and promotion opportunity. Legal IT Professionals has been selected official media partner for many events.

development by