CFOtech UK - Technology news for CFOs & financial decision-makers
United Kingdom
Guides
#
cybersecurity
#
data analytics
#
data analytics
#
digital transformation
#
hybrid & remote work
Search
Story image
#
Data Protection
#
Document Management
#
ECM

UK legal sector sees 39% surge in data breach incidents

Yesterday
Author image
By Shannon Williams, Journalist

A recent analysis by NetDocuments has highlighted a significant rise in data breaches within the UK's legal sector, with personal information of nearly 8 million individuals compromised.

According to data from the Information Commissioner's Office (ICO), the legal sector in the UK saw a 39% increase in reported data breaches from Q3 2023 to Q2 2024. The number of reported incidents rose from 1,633 to 2,284, affecting around 12% of the UK's population.

NetDocuments' study also indicates an increase in external threats to law firms, now accounting for half of all data breach incidents. Phishing attacks are the prevalent form of such threats, making up 56% of external breaches.

Despite the rise in external attacks, insider breaches continue to represent a significant portion of the total incidents, with half of all reported breaches attributed internally. Human error remains a notable factor, responsible for 39% of these internal breaches. Typical mistakes include the failure to redact documents or using incorrect email processes.

David Hansen, Vice President, Compliance at NetDocuments, stated, "Legal data breaches impact more than one ten people in the UK, so it is imperative that firms continue to shore up their internal and external defences. At a time when the sector is continuing to digitalise, legal firms need to strike the right balance between keeping data secure, while still allowing their employees to collaborate and work productively."

The analysis sheds light on the primary causes of data breaches within the legal sector. Human error, such as the failure to properly redact data or using incorrect emailing methods, constitutes 39% of all breaches. Meanwhile, 37% of breaches occur from sharing information with unauthorised individuals, and 12% result from lost or stolen data.

Almost half (44%) of the breaches impacted customer information, while 18% affected employees. The types of breached data commonly included basic personal information (42%), financial and economic records (13%), health-related data (10%), and official documentation (10%).

David Hansen emphasised the necessity for the legal sector to remain vigilant regarding data security. "This new analysis firmly underlines that the legal sector can't ignore data protection. Firms handle sensitive documents every hour of every day, so maintaining security when introducing new technologies must remain the highest priority," he said. He further highlighted the importance of implementing measures to prevent human error in light of increased adoption of AI technologies. "Given the uptick in AI adoption, guardrails that mitigate against human error are also imperative. AI has the power to drive productivity and efficiency in the legal sector, but it must not compromise data security."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
UBS report: entrepreneurs eye AI for industry growth
Mostly AI launches open-source toolkit for synthetic data
Sophos acquires Secureworks for USD $859 million
Nationwide partners with CAPSLOCK to boost cyber skills
AI reshaping procurement & security: experts weigh in
Top stories
Deel secures significant $300 million from new investors
UK financial firms hit by rising supply chain cyber attacks
Vultr expands cloud platform to support Agentic AI growth
DTCC unveils ComposerX for digital assets lifecycle management
Lenovo CIO Playbook highlights AI growth in EMEA region