On the plus side, the cybersecurity incident at Troutman Pepper does not appear to have compromised any client data. So, in a sense, the system worked.
But as a damage recovery matter, leaving attorneys using personal email accounts and locally saved documents for over a day highlights that for all the talk about protecting data, the unheralded impact of a cyber breach tends to be leaving the firm technologically adrift for extended stretches while tech professionals perform clean up.
Troutman attorneys received this email notification yesterday:
As you might imagine, that “several more hours” timeline proved overly optimistic. The firm blasted another message telling folks to consider working remotely today because the network continues to be down.
People still use Hotmail? Why not turn on the AOL access while you’re at it?
Once this crisis is averted, the firm has a new logistical headache on its hands in making sure all those emails get properly handled under the firm’s document retention policy. Firms need a plan for all the downstream issues a breach and service interruption causes.
But, yeah, at least the incident is not thought to have reached client data.
Good luck to Troutman on cleaning this up and getting back online quickly. And for everyone else out there, maybe today is a good day to think about exactly how your firm would handle a total tech shutdown.
Joe Patrice is a senior editor at Above the Law and co-host of Thinking Like A Lawyer. Feel free to email any tips, questions, or comments. Follow him on Twitter if you’re interested in law, politics, and a healthy dose of college sports news. Joe also serves as a Managing Director at RPN Executive Search.