"Human Error and Insiders Expose Millions in UK Law Firm Data Breaches"

According to security researchers at NetDocuments, UK law firms are falling victim to data breaches primarily because of insiders and human error.  The researchers examined data from the Information Commissioner’s Office (ICO) covering Q3 2022 to Q2 2023 and found that 60% of data breaches in the UK legal sector were the result of insider actions, and the rest (40%) were from external actors.  In total, the researchers found that data from legal firms relating to 4.2 million people was compromised during the period analyzed.  The researchers noted that almost half of the cases (49%) impacted customers, and 13% impacted employees.  The main types of data breaches in the legal sector included basic personal information (49%), economic and financial data (13%), health data (10%), and official documents (10%).  The researchers revealed that the common causes of data breaches in the legal sector, according to the IOC data analysis, included human error (39% of incidents), sharing data with the wrong person (37% of incidents), phishing and ransomware attacks (27% of incidents), and data loss (12% of incidents).   

Infosecurity Magazine: "Human Error and Insiders Expose Millions in UK Law Firm Data Breaches"