Law Firms

Costs of malware attack on DLA Piper could be in the millions; does insurance cover it?

  • Print.

DLA Piper logo


Appropriate insurance could cover many of the costs associated with the malware attack on DLA Piper last month, insurance experts say.

Cyberattack insurance could cover external support, loss of income and bringing computer systems back online, according to insurance experts who spoke with Legal Week (sub. req.).

Firms could buy coverage of up to $500 million, though the norm for coverage that augments third-party liability in professional indemnity insurance is for up to $100 million.

Professional indemnity insurance is designed to protect clients, and not a law firm’s exposure to cyber risk, experts told Legal Week. PI insurance typically covers loss of client money or data, but it doesn’t cover costs of dealing with a cyberattack.

Total costs in connection with the cyberattack on DLA Piper could reach millons, according to Brett Warburton Smith, a partner at independent insurance broker Lockton Solicitors.

One insurance broker said her company offers cyberattack insurance that covers access to specialist law firms, a public relations firm, loss of income, and even a percentage of a success fee stemming from a lost client. Coverage could also include mitigation expenses, such as the costs of working remotely and outsourcing urgent work.

DLA Piper shut down its computer systems as a precautionary measure after it detected suspicious activity on its network. Email is back up and the law firm is “bringing other major systems online in a secure manner as well,” according to a July 10 update by the law firm.

DLA Piper continues to see no evidence that client data was taken or that confidentiality was breached, the statement said.

Two typos corrected at noon.

Give us feedback, share a story tip or update, or report an error.