Nearly 1 million UK law firm passwords are available on the dark web, report says
Websites that collect stolen and leaked credentials had about 1.16 million email addresses from the 500 top law firms in the United Kingdom, according to cybersecurity firm report.
More than 900,000 of those addresses had associated passwords that were visible or “easily cracked online,” according to the report by RepKnight. Legal Tech News, Infosecurity Magazine and ZDNet covered the findings.
The breached email addresses and passwords puts law firms and their employees at risk of phishing and bot attacks, the report says.
RepKnight found the exposed email information after using a dark web monitoring platform to search for domains from a list of U.K. law firms. The vast majority of exposed credentials were from breaches of websites and systems unconnected to the law firms where employees have used their work email addresses.