Waldie: Carefully planned for attack
Client data has been stolen from Gateley in a cyber-attack, the listed law firm has revealed.
The firm said it was currently “confident that the incident has been confined to a very small part of its data store, amounting to approximately 0.2% of the company’s data”.
In a statement to the stock exchange, Gateley said the impacted data was “traced quickly and deleted from the location to which it had been downloaded and there is no evidence currently to suggest that this data has been further disseminated”.
It included “some client data” and those clients would be notified when the firm’s investigations “are further progressed”.
Gateley said it has already notified the relevant regulators and law enforcement agencies, as well as the Information Commissioner’s Office.
The “intrusion into its systems from a now known external source” was “quickly” identified by Gateley’s IT team, the statement said.
“Based on the information gathered to date, the company is confident that its security controls were effective in limiting the impact of the incident.
“The company took some of its systems offline while it undertook necessary extensive investigations into the incident, supported by a professional cyber-security support team mobilised as part of its cyber-security insurance facility.
“The company has carefully but rapidly re-established its core systems to enable its staff to continue to work and communicate with its clients. The board has seen no evidence that the financial performance of the company has been impaired.”
Chief executive Rod Waldie said the firm had “carefully planned” for the possibility of a cyber-breach.
“We are continuing to work with specialist cyber security professionals to investigate the incident and identify any parties that may have been affected and we will, of course, contact anyone affected in due course.
“In the meantime, we are restoring all of our systems in a safe and secure manner as quickly as possible and do not expect at this stage any significant disruption to our day-to-day activities or financial performance.”
At the time of writing, Gateley’s shares had dipped 3% on the news.
Law firms are seen as attractive targets by hackers because of the sensitive data they hold.
I think employees in all businesses should be trained with advanced information technology options.