Ride the Lightning
Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.
Law Firm Cole Schotz Suffers Data Breach by Former Associate and Files Suit
December 1, 2020
Law.com reported on November 4 that law firm Cole Schotz obtained a restraining order against a former associate who allegedly used social media to disseminate confidential documents belonging to the firm and its clients.
Myles MacDonald, a former bankruptcy associate in the firm's Wilmington, Delaware office, appears to be a disgruntled ex-employee. In a public blog post he said, "Why risk my career, my bridges and (who knows?) My law license? Why do this? Because I decided I want to do something that mattered. That would actually help someone. That would make me feel human."
According to the suit filed in federal court in New Jersey, MacDonald published an online post stating that he is on a quest to do harm to "Big Law." It claimed he had demanded that certain partners at the firm resign, and that the firm itself release certain documents. The suit also alleged the attorney said he will continue to disclose confidential firm information, if the firm does not do so.
MacDonald resigned from the firm in June 2019 and allegedly admitted to misappropriating hundreds of pages of privileged and confidential documents from the firm when he departed.
McDonald's posts speak of his decision to leave "Big Law," and call upon fellow attorneys to "reform ourselves through collective action."
"If we do, we can save our country. Or we can let it die," said MacDonald, who describes himself as "a 31-year-old privileged white dude in an apartment in Nashville." The attorney goes on to say he "joined the legal community because I wanted to do something meaningful with my life. I think I have a voice that speaks to the better side of us."
U.S. District Judge Claire Cecchi of the District of New Jersey entered a two-week restraining order, barring MacDonald and his agents or friends from any further disclosure of confidential documents to any person. The judge also ordered him to collect any such documents already distributed to others.
Beginning Oct. 23, MacDonald made repeated threats to release confidential and privileged information belonging to Cole Schotz, the suit claims. On Oct. 24, the firm sent him a cease-and-desist letter by email. Cole Schotz claimed he responded with one word: "And?"
On Oct. 29, MacDonald posted on LinkedIn a confidential, attorney-client privilege draft complaint and a confidential attorney-client work product memo on litigation strategy.
Cole Schotz wrote to him again Oct. 30, demanding he take down his postings of confidential documents, the complaint claimed. Later that day, his LinkedIn profile was deactivated, thereby concealing his posts of confidential information.
MacDonald allegedly continued to make threats against Cole Schotz and its staff, the complaint claimed. On Oct. 31, he allegedly sent text messages to several Cole Schotz attorneys, saying that if certain partners in the firm did not resign and if the firm did not itself disseminate certain documents, he would disperse its confidential materials over 50 internet platforms, the firm claimed.
The firm brought claims for misappropriation of trade secrets and breach of fiduciary duty. It seeks a declaratory judgment that MacDonald's alleged publication and dissemination of privileged and confidential information breaches the duty of loyalty owed to Cole Schotz. The firm also seeks damages, legal fees and costs.
On November 13, Law.com had a follow up article warning of the dangers of a remote workforce.
While data loss prevention software has served law firms well in detecting and preventing breaches, it may not be as effective in a remote workforce. Experts have said that law firms need to shift their network surveillance from the office to personal devices used by lawyers and staffers working remotely. If they don't, more employees could more easily save and disclose confidential documents.
"It's bound to happen just because it's easier to monitor an office network, but once you send everyone to work remotely it becomes much more challenging to monitor that data," said Ben Hughes, commercial services practice lead for cybersecurity provider Polito Inc.
The article referenced the Cole Schotz incident to indicate the dangers of former employees.
If an employee is determined to save/take law firm files, data loss prevention software can help but it isn't foolproof.
"If it's in their head, there's not much we can do to protect it," said Joshua Crumbaugh, CEO of cybersecurity and training provider PeopleSec. However, he added that "there's ways to make it very difficult and I would say it prevents most instances."
Hughes recommended ongoing monitoring of networks and immediately wiping data and revoking data access after terminations or resignation announcements.
Still, "once someone leaves the firm, obviously [firms] are limited in how they can keep tabs of that ex-employee," Hughes noted. He explained, "It's harder to keep track of that data. That's why it's so important to have data loss prevention while you can so you can keep tabs of that data. It provides some stability to the firm you wouldn't have once they leave the firm."
Hughes added, "I think that's another revolution we're seeing in law firms. You can't just monitor the office anymore, you need to monitor the endpoints such as mobile devices [and] laptops. The shift of emphasis is on the endpoint because it's insufficient to focus on the office network."
I second that. Work-from-home has proven to be a godsend in many ways, but it has also meant dealing with security threats that did not previously exist.
Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson