Protecting against a cyber breach.

Understanding what a cyber breach is—and more importantly, what to do about it—is critical
knowledge for those running law firms. A cyber breach occurs when a third party gains unauthorized
access to a company’s computer systems, website and/or data.

What’s most important to understand is that many law firms today are far more at risk for a cyber
breach than they realize. And many are often under insured should the worst happen.

Law firms are attractive targets to cyber thieves because of the sensitive and valuable client
information they obtain and store. Not only are criminals interested in this information, but so are
foreign governments and competitors.

Types of Law Firm Cyber Breaches
Cyber attacks and breaches can affect your law firm in a variety of ways:
  • Lost/stolen business laptop or cell phone
  • Email phishing attack
  • Ramsomware attack
  • Malware infection
  • Denial of service
  • Hacked business email/website
  • Stolen data (internal and client)
  • Wire transfer fraud
  • Misdirection of electronic payments and/or information
  • Cyber extortion

Click here for more examples of Law Firm Cyber Breach Experiences

The Danger of Cyber Breaches to Law Firms
Did you know...
  • Cyber attacks were up 55% in 2017.
  • The average cost for each lost or stolen record containing sensitive and confidential information increased by 4.8% year over year to $148 per record. ( 3/13/19)
  • In 2018, over 1,200 incidents exposed 440 million records of personal information, an increase of 126% over 2017.
  • Cyber Security Ventures reports that ransomware cost businesses $5 billion worldwide in 2017 and upwards of $8 billion in 2018. Ransomware payment demands have significantly increased.
  • Fifty-eight percent of all cyber attacks targeted small businesses. Costs to respond and recover from these attacks averaged almost $385,000.
  • While the nature and extent of attacks on small business vary greatly, 67% of SMBs experienced a cyber attack and 58% experienced a data breach in the last 12 months.

Click here for more statistics from the NAS Cyber Digest.

The damages that law firms can sustain from a cyber breach are financial, reputational and regulatory in nature.

They include:


  • Forensic investigations
  • Public relations
  • Customer notifications
  • Credit monitoring
  • Regulatory fines/penalties
  • Remediation costs
  • Reputation rebuilding
  • Business interruption
Most law firm malpractice policies do not cover these types of breaches and damages.
Fortunately, we have cyber breach coverage for your firm, no matter the size, type of practice or scope of cyber security protection needed.

If you are not an OBLIC policyholder, or you are a policyholder but don’t have adequate cyber security coverage,
call (855) 745-9222 to speak to an OSBAIA agent now.


OBLIC policyholders:

Click here for policy plan highlights.

OBLIC non-policyholders:

Click here for policy plan highlights.

Rick Creel
Vice President, Sales and Business Development
(614) 572-0616
Tammy J. Thornton
Senior Sales Executive
(614) 572-0616
Danna Blackburn
Sales Executive
(614) 572-0616