Sample Claims

One of the best ways to understand how Safelaw can help protect your law firm is to look examples of various incidents and their corresponding costs. Below you will find several examples of claims, a description and the cost of the incident.

Data Breach Liability (Confidentiality)

Description

A law firm handling Qui Tam cases suffered an accidental data breach resulting in legal liability and disciplinary proceedings for alleged ethical violations. The firm used a cloud storage service for all firm data. The cloud storage provider offered two tiers of service to clients, free and premium. Data in the “free” storage service is searchable and can be downloaded by other customers. The firm neglected to pay their renewal fees for the “premium” service, so the firm’s account reverted to the “free” service and all of the firm’s data was searchable and available online for several months. During that time, numerous parties downloaded the details of a sensitive whistleblower case. As a result, the firm faced a lawsuit from the former client in the whistleblower case as well as a disciplinary proceeding. Several other suits from other current and former clients are also pending.

Damages

Notification Expense: $27,000
Defense Expense: $305,000
Damages: $2,150,000
Fines & Penalties: $120,000
Note: pending suits from other clients are not included in loss amounts listed above.

System Interruption (Virus)

Description

A firm specializing in intellectual property suffered a “time bomb” style computer virus attach that appears to have been targeted at the firm. Once activated, the virus destroyed large portions of the firms data including numerous pending intellectual property filings. The firm struggled to notify clients rebuild their databases quickly from damaged backups and paper files. Although the firm successfully recovered over 95% of the damaged information, many legal deadlines were missed including patent filings and court filings. The liability associated with this claim remains to be seen.

Damages

Forensics Expense: $17,200
Data Restoration Expense: $41,000
Loss of Billable Hours: $161,000

Data Damage (Accidental)

Description

A small firm lost all of their data including backups from a shared office space when the IT administrator formatted the hard drive on the office equipment. The firm, which had 3 lawyers, was operating inside unused space at a larger firm. As part of the arrangement, the smaller firm also used the IT systems of the larger firm. In an effort to segregate the data of the smaller firm, the larger firm gave them access to their own file server, which was normally used for email only. The server began having issues, so the IT administrator backup up the emails on the server, formatted the hard drive and reinstalled all the software. The IT administrator did not remember to backup the data from the smaller firm before formatting the hard drive. The firm suffered an interruption of operations as a result and incurred significant expense to recover the data manually.

Damages

Data Restoration Expense: $23,000
Loss of Billable Hours: $8,900

Fraudulent Funds Transfer (Social Engineering)

Description

A law firm acting as a “closing agent” for real estate transactions was tricked into sending $170,000 to a cyber thief. The Firm received an e-mail purporting to be from seller’s agent instructing the firm to wire the funds to the sellers account. The firm transferred the money held in escrow to the sellers account. However, the email wasn’t actually from the seller and the wire transfer instructions were bogus. The deal fell through, the buyer made a demand for the $170,000 and threated suit against the firm. The firm opted to pay the $170,000 to the client rather than fight a lawsuit. In addition, the firm is being investigated for a trust account violation and may face a disciplinary proceeding.

Damages

Theft of Money: $170,000
Defense Expense: pending
Fines and Penalties: pending

Ransomware

Description

A lawyer at a firm reported being locked out of his system. Upon reporting it to their IT provider it was confirmed it was a ransomware and a demand of over $5000 was sent to unlock the system. The firm had very good backups from the night before so we were able to restore with minimal loss of data. But even with backups it still cost upwards of $20,000 for our forensic provider to restore and ensure any security holes were closed.

Damages

Restoration: $20,000

Data Breach Liability (Privacy)

Description

A firm specializing in immigration law was sued by their clients due to a data breach. The firm represents large companies who routinely bring foreign workers into the country on work visas etc. The potential employees were required to input their personal information on the firm website for firm to use to apply for work documentation. A person inputting information informed the firm that he could see other individual’s information. When the firm hired IT specialists to perform penetration testing they discovered the firm’s database of over 10,500 potential employees had been compromised. Currently, the firm has only been subject to one suit from a former commercial client. They have also received demands from individual employees.

Damages

Forensics Expense: $32,000
Notification Expense: $21,300
Defense Expense: $65,000 (ongoing)
Damages: Pending
Lost Business: Pending

System Interruption (Accident)

Description

An independent contractor working for a firm made a mistake during a systemwide upgrade that caused significant loss of data and 9 days of system downtime. The contractor installed incompatible software during an upgrade, which resulted in the firm’s data being destroyed during the data migration. In addition, the firm’s software had to be removed and reinstalled on all machines.

Damages

Forensics Expense: $34,700
Data Restoration Expense: $114,000
Loss of Billable Hours: $81,600

Data Damage (Hacker)

Description

A disgruntled former employee of a law firm gained unauthorized access to the law firm’s computer system, inserted spyware to spy on executives and began deleting files. At first, the firm thought they had a virus and took steps to eradicate the malicious code. However, every time they rebooted the system, files started being deleted again. Ultimately, the firm contacted forensic experts for help and eventually discovered that it wasn’t a virus. The forensics firm determined the attack was coming from an external source and closed the backdoor. By the time the firm closed the back door into their computer system, the former employee had deleted over 100 gigabytes of data.

Damages

Data Restoration Expense: $23,000
Loss of Billable Hours: $8,900

Ransomware

Description

A small law firm suffered a ransomware attack and had his files locked. Luckily the insured had backups but after trying to retrieve them the backups started to fail. We had to engage a forensics provider to restore the files and while it was being restored, the law firm lost billable hours;

Damages

Forensics: $40,000
Business Interruption: $90,000

Ransomware

Description

A ransomware attack on a small Lawfirm was executed on a Friday evening and was not discovered till Monday morning when employees were unable to get into the system. By this time there was extensive damage to the firms files and systems. Even with viable backups we had to engage a restoration specialist to get the firm back up and running.

Damages

Restoration: $154,000