Law firms across the US are facing escalating cybersecurity threats, from high-profile ransomware attacks on state legal offices to critical vulnerabilities in everyday office devices.
In this edition of the Infoguard Security newsletter, we break down three real-world threats every firm should be watching:
- A ransomware attack that exposed the personal data of thousands at the State Bar of Texas
- A bold intrusion claimed by a cyber gang targeting the Virginia Attorney General’s Office
- A new report revealing the 20 most vulnerable devices of 2025, many commonly found in law offices
—————————————————————————————–
Ransomware Attack Exposes Sensitive Data at State Bar of Texas — A Wake-Up Call for Law Firms
In a recent ransomware attack, the State Bar of Texas confirmed that cybercriminals breached its network and accessed highly sensitive personal information, prompting renewed urgency for cybersecurity in the legal sector.
What Happened?
The breach was first detected on February 12, when suspicious activity on the bar’s network triggered a full-scale incident response and investigation. It was later determined that the unauthorized access began as early as January 28 and continued until February 9.
During that time, attackers accessed and stole confidential files. While the specifics vary by individual, exposed data includes:
- Social Security numbers
- Driver’s license and government-issued ID numbers
- Financial account details, including credit card numbers
- Medical and health insurance information
Although the State Bar has not confirmed any fraudulent use of the stolen data so far, they are offering affected individuals 12 to 24 months of free identity theft protection and credit monitoring.
While the Bar has not publicly confirmed the total number of affected individuals, breach notifications filed in Texas, New Hampshire, and Massachusetts reveal that at least 2,700 people were directly impacted.
The incident was later claimed by the INC Ransom gang, who posted the State Bar of Texas on their dark web leak site in late February.
Why This Matters to Your Law Firm
This breach sends a clear signal that law firms and legal institutions are prime targets for cybercriminals. With over 100,000 active members, the State Bar of Texas is one of the largest legal bodies in the U.S., responsible for regulating legal ethics, licensing, and discipline.
When organizations of this scale fall victim, it raises serious concerns about the legal profession’s vulnerability to cyberattacks.
What Can Your Firm Do Right Now?
Legal professionals handle some of the most sensitive data out there. Whether it’s client financials, litigation strategy, or personal health records, your data is a goldmine for cybercriminals.
Here’s how Infoguard Security helps safeguard your firm:
- 24/7 Network Monitoring and Threat Detection
- Advanced Ransomware Defense and Recovery
- Data Encryption and Access Controls
- Incident Response Planning and Support
- Staff Training Tailored to Law Firms
———————————————————————————————–
Cyberattack on Virginia Attorney General’s Office Highlights Critical Cybersecurity Gaps in the Legal Sector
A recent ransomware attack on the Virginia Attorney General’s Office (AGO) has underscored just how disruptive a cyber incident can be for legal operations.
The attack, claimed by the Cloak ransomware group, temporarily crippled the AGO’s systems, taking internal services, applications, and even court filing processes offline.
What Happened?
In mid-February, staff at the AGO were alerted via email that nearly all digital services were down, including their internal network, website, and VPN access. The impact was so severe that attorneys and staff were forced to revert to paper-based court filings to continue operations.
Although the AGO has not publicly released full details of the breach, the Cloak ransomware gang later listed the office on its leak site in March, posting stolen data for download. This strongly indicates that the agency refused to pay the ransom and that sensitive data was exfiltrated.
Who’s Behind the Attack?
The Cloak group has been active since late 2022 and is believed to be linked to the Good Day ransomware gang. They’ve carried out dozens of attacks globally, mainly targeting small and mid-sized businesses. The group uses a mix of social engineering and partnerships with access brokers to infiltrate systems.
Cloak uses an advanced ransomware strain known as ARCrypter, derived from leaked Babuk ransomware code. This type of malware is specifically designed to lock users out of their systems while exfiltrating data for leverage in extortion attempts.
What Law Firms Should Take from This
This incident should set off alarm bells for law firms across the country.
If an attorney general’s office, which is equipped with state-level resources and oversight, can be so severely disrupted, private law firms with fewer defenses are even more at risk.
Here’s why it matters for your practice:
- Operational Disruption: The AGO had to suspend digital processes entirely. For a law firm, losing access to client files, case documents, and legal research tools could halt business entirely.
- Client Confidentiality Breached: Sensitive case files and personal client information may now be exposed. For law firms, that’s a potential malpractice issue.
- Increased Targeting of Legal Institutions: Cybercriminals know that law firms are treasure troves of sensitive data and many lack advanced security protocols.
How Infoguard Security Helps Law Firms Stay Protected
Infoguard Security provides specialized cybersecurity services for the legal industry, designed to prevent exactly this kind of scenario. Our solutions include:
- Proactive Ransomware Defense
- Real-Time Threat Detection and Response
- Secure Remote Access for Hybrid Legal Teams
- Data Backup and Rapid Recovery Systems
- Staff Training to Spot Social Engineering Attacks
———————————————————————————————–
Law Firms at Risk: Report Identifies the 20 Most Vulnerable Connected Devices of 2025
A new report has revealed an alarming trend for businesses, including law firms: routers and network infrastructure are now the riskiest devices in enterprise environments, overtaking traditional endpoints like computers.
What Law Firms Need to Know
The ‘Riskiest Connected Devices of 2025’ report analyzed millions of devices across IT, IoT (Internet of Things), and OT (Operational Technology) environments.
It found that device-related risk has jumped 15% year-over-year, with routers now accounting for over half of all critical vulnerabilities.
And while the report spans multiple sectors, including healthcare, finance, and retail, its findings are especially relevant to law firms. Many law offices rely on older equipment, unsecured remote access setups, and hybrid workplace models.
The Devices Putting Your Practice at Risk
Here are a few of the high-risk devices legal practices might unknowingly be using:
- Routers and Firewalls – Essential for connecting to the internet, but frequently targeted with zero-day vulnerabilities.
- VoIP Systems – Used for client communication but often unpatched or misconfigured.
- Imaging Devices and Networked Printers – Common in legal offices, often overlooked in security scans.
- Healthcare Workstations and Lab Equipment – Relevant for firms handling medical malpractice or healthcare litigation, where sensitive third-party data may be accessed or stored.
- Point-of-Sale (PoS) Devices – Used in firms offering payment plans or accepting client payments on-site.
Many of these devices were newly added to the “top 20” list this year, reflecting the evolving tactics of cybercriminals.
Your Router Is a Bigger Target Than Your Laptop
One of the most surprising findings? While computers still contain the most bugs overall, network equipment like routers and gateways are now more dangerous due to the severity of their vulnerabilities and how quickly hackers exploit them.
This means a breach could happen at the infrastructure level, silently and without user interaction, making early detection and layered security essential.
Outdated Systems Create Legal and Compliance Risks
Over 50% of business-class Windows devices across industries are still running Windows 10, which reaches end-of-support in October 2025.
That includes many law firms who haven’t yet transitioned to newer platforms. Once support ends, security patches stop, leaving these systems wide open to attacks.
For law firms, continuing to use unsupported software could expose sensitive client data, violate ethical obligations, and lead to costly downtime or litigation.
Widening Attack Surface: Beyond IT
The modern law office now includes remote workers, cloud-based case management, smart office devices, and even connected courtroom tools. These expanding endpoints create a broader attack surface that can’t be secured by antivirus software alone.
Key findings include:
- A rise in unencrypted Telnet usage and a drop in SSH, which is far more secure.
- Legal practices operating in regulated industries like healthcare or finance face even greater risk due to increased exposure through third-party tools and data handling.
How Infoguard Security Helps Law Firms Secure Their Entire Network
Infoguard Security specializes in protecting law firms from today’s complex cyber threats. Our services go beyond laptops and servers. We secure your entire digital footprint, including routers, VoIP, printers, mobile devices, and cloud environments.
Here’s what we offer:
- Complete Device Visibility – Know exactly what’s on your network at all times.
- Proactive Vulnerability Management – Patch and protect all endpoints, from firewalls to fax machines.
- Secure Remote Work Environments – Keep hybrid teams safe from unsecured connections.
- Regulatory Compliance Support – Stay aligned with legal data privacy and security standards.
- End-of-Life System Upgrades – Transition away from outdated systems before they become liabilities.
——————————————————————————————–
Organizations in the legal sector are becoming prime targets for cybercriminals. Outdated equipment, unpatched systems, or a lack of visibility can turn a small vulnerability into a major breach.
Infoguard Security is here to help your law firm stay one step ahead.
👉 Book your free cybersecurity checkup today and get a custom risk assessment built for legal professionals.
Best regards,
