Source: TechMonitor
New research into data released by the Information Commissioner’s Office reveals that up to 4.2 million people could have been impacted by law firm data breaches last year.
Up to 60% of all data breaches at UK law firms were caused by human error from staff, according to new research by NetDocuments. The study, based on data released by the Information Commissioner’s Office (ICO) between the third quarter of 2022 and the second quarter of 2023, reveals that only 40% of data breaches originated from malicious actors. Additionally, it is estimated that data belonging to 4.2 million people could have been compromised as a result of these incidents.
Most data breaches in the UK legal sector in the period analysed appear to have been caused by staff carelessness, with 37% of incidents caused by employees sharing sensitive data with the wrong person. 39%, meanwhile, arose from other errors like hardware misconfiguration, or failure to use the BCC function in emails to hide the addresses of email recipients. Most of the data compromised as a result of these actions seems to have been basic personal information (49%), with the rest being an even distribution of financial data, health data and official documents.
“Above all, it seems that human interaction is at the heart of these statistics,” says Jake Moore, global cybersecurity advisor at ESET. “With the amount of extremely sensitive data held and managed in law firms, it is imperative that these companies are on top of their staff awareness training.”
Read full article: https://techmonitor.ai/technology/cybersecurity/data-breaches-uk-law-firms-causes
