A recent study of law firm data breaches shows that 40% result from staff addressing emails to the wrong recipient.

This and other data were provided by the Information Commissioner’s Office (ICO) following a Freedom of Information (FOI) submission by 2twenty4 Consulting on 14 January 2022.

These are the headline figures:

Law firm data breaches stats
  • 28% of the top 150 have reported data breaches.
  • 84 data breaches in total were reported.
  • 40% of data breaches are due to emailing the wrong recipient.
  • 3 law firms have reported 5 or more breaches.
  • The highest number of breaches reported by a single law firm was 8.
  • 9% of breaches reported were due to failure to redact.

The analysis of data breaches by type is useful in that it may help determine which areas to focus attention on. For the third year running ‘Emailed to the wrong recipient’ clocks in as the highest reported instance of a data breach. A more interesting trend is the rise in those caused by ‘ransomware’ and ‘failure to redact’.

You can get the complete picture by reading the full report in this online pdf file.

Law firm data breaches – how to prevent them.

Clearly, one of the key areas to focus on when making an assessment of your data protection standards is email. One single wrong click can mean you end up in hot water.

However, there are some simple measures you can take to reduce the risk to your business. Your practice management software is the starting point for this. At LawWare, we have been addressing precisely this issue for many years, helping law firms to stay safe and compliant. With LawWare’s integrated Outlook automatically populating the recipient field, that means there’s one less thing to worry about.

To find out how LawWare practice management software can help prevent law firm data breaches, please contact me.

Sean Town, March 2022.

Scroll to Top