Gateley suffers loss of client data in cyber-attack

Waldie: Carefully planned for attack

Client data has been stolen from Gateley in a cyber-attack, the listed law firm has revealed.

The firm said it was currently “confident that the incident has been confined to a very small part of its data store, amounting to approximately 0.2% of the company’s data”.

In a statement to the stock exchange, Gateley said the impacted data was “traced quickly and deleted from the location to which it had been downloaded and there is no evidence currently to suggest that this data has been further disseminated”.

It included “some client data” and those clients would be notified when the firm’s investigations “are further progressed”.

Gateley said it has already notified the relevant regulators and law enforcement agencies, as well as the Information Commissioner’s Office.

The “intrusion into its systems from a now known external source” was “quickly” identified by Gateley’s IT team, the statement said.

“Based on the information gathered to date, the company is confident that its security controls were effective in limiting the impact of the incident.

“The company took some of its systems offline while it undertook necessary extensive investigations into the incident, supported by a professional cyber-security support team mobilised as part of its cyber-security insurance facility.

“The company has carefully but rapidly re-established its core systems to enable its staff to continue to work and communicate with its clients. The board has seen no evidence that the financial performance of the company has been impaired.”

Chief executive Rod Waldie said the firm had “carefully planned” for the possibility of a cyber-breach.

“We are continuing to work with specialist cyber security professionals to investigate the incident and identify any parties that may have been affected and we will, of course, contact anyone affected in due course.

“In the meantime, we are restoring all of our systems in a safe and secure manner as quickly as possible and do not expect at this stage any significant disruption to our day-to-day activities or financial performance.”

At the time of writing, Gateley’s shares had dipped 3% on the news.

Law firms are seen as attractive targets by hackers because of the sensitive data they hold.

    Readers Comments

  • shahid says:

    I think employees in all businesses should be trained with advanced information technology options.

Leave a Comment

By clicking Submit you consent to Legal Futures storing your personal data and confirm you have read our Privacy Policy and section 5 of our Terms & Conditions which deals with user-generated content. All comments will be moderated before posting.

Required fields are marked *
Email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.


A two-point plan to halve the size of the SRA

I have joked for many years that you could halve the size (and therefore cost) of the Solicitors Regulation Authority overnight by banning both client account and sole practitioners.

Key cyber and data security questions to ask a legal IT provider

One of the growing priorities that law firms face when considering a legal technology provider is cyber and data security, such as their responsibilities and cyber incident management.

Navigating carer’s leave: A personal journey and call for change

The Carer’s Leave Act 2023, which came into force on 6 April 2024, was a pivotal moment for the UK. It allows workers to take up to five unpaid days off a year to carry out caring responsibilities.

Loading animation