DPP Law, a UK-based law firm, has been fined £60,000 for breaching data protection laws following a cyberattack where hackers accessed sensitive information through a vulnerable administrator account. The incident, which involved over 32GB of data being stolen and published on the dark web, exposed the firm’s lack of adequate cybersecurity measures, particularly the absence of multi-factor authentication. The breach came to light only after the firm was contacted by the National Crime Agency, highlighting the necessity for robust security protocols in legal practices.
A British law firm, DPP Law, was fined £60,000 after cybercriminals accessed sensitive data via a poorly protected account and published it on the dark web.
The breach highlights the importance of implementing robust security measures, particularly multi-factor authentication, to prevent unauthorized access to sensitive information.
The Information Commissioner's Office noted that DPP Law's failure to secure personal data led to a significant data breach, impacting public trust in legal professionals.
Because DPP Law was unaware of the breach until notified by the National Crime Agency, this incident underscores the risks posed by insufficient cybersecurity awareness.
Collection
[
|
...
]