Law firms are the perfect targets for hackers according security experts. “It is almost a daily occurrence that we read about cyber attacks in the news. Unfortunately, on or around January 25, 2015, our firm was the victim of a single cyber attack, by a relatively new variant of a Cryptolocker-type virus. Cryptolocker is a kind of ransomware used to encrypt files so they’re unreadable; hackers then demand money to restore the data” informs Bloomberg.

But why are law firms the perfect targets ? Perhaps because a lawyer would not want to admit in front of a client that there was a security breach in the firm and important documents could reach in the hands of hackers. At that time, the lawyer will definitely pay the amount required as a bounty. Information reached in hand of hackers could be worth much more than mere payment of the ransom. Law firms of all sizes are vulnerable, particularly the biggest firms. Cybersecurity firm Mandiant says at least 80 of the 100 biggest firms in the country, by revenue, have been hacked since 2011.

Joshua Paul, the president of Vancouver-based Neo Code software, believes that customers should be notified about computer hacks.

“You’ve hired them to protect your confidential data … It’s actually not their data. That was my data that was breached or my data that was encrypted or my data that was destroyed, you might want to notify [clients] that you have this event. I’m not even sure that I would say it’s a breach,”  he said.

“The law firms are a weak link that lead into the financial industry,” McGee says, chief privacy officer at Mandiant parent company FireEye. “If you have a hardened environment, then attackers will go in through your affiliates,” according to Americanlawyer.