What's Happening?
Lewis Brisbois, one of the largest law firms in the United States, has instructed its remote and hybrid employees to return to the office or use firm-issued computers at home following a cyberattack. The firm, which has over 1,600 attorneys nationwide,
took this step after blocking external access to its internal networks. The decision was communicated on June 10, 2026, by Elijah Bernal, an office administrator, who noted the firm is working to procure additional equipment for employees. This move comes in response to a series of attempted hacks, as reported by Curtis Hendzell, the firm's information security director. The attacks involved cybercriminals impersonating IT personnel to gain access to sensitive information. The FBI had previously warned about such tactics being used by the Silent Ransom Group, which targets law firms through social engineering techniques.
Why It's Important?
The cyberattack on Lewis Brisbois highlights the growing vulnerability of law firms to sophisticated cyber threats. As legal firms handle sensitive client information, breaches can have severe implications for client confidentiality and trust. The firm's decision to restrict access to its systems through personal devices underscores the need for robust cybersecurity measures in the legal industry. This incident may prompt other law firms to reassess their cybersecurity protocols and remote work policies. The attack also reflects broader challenges faced by industries reliant on remote work, emphasizing the importance of secure IT infrastructure to protect against cyber threats.
What's Next?
Lewis Brisbois plans to permanently ban the use of personal devices for accessing its systems, indicating a shift towards more controlled and secure IT practices. Employees who cannot work from the office are encouraged to seek temporary work solutions. The firm is likely to continue enhancing its cybersecurity measures to prevent future breaches. This incident may lead to increased scrutiny from clients and regulatory bodies regarding the firm's data protection practices. Other law firms may also take proactive steps to safeguard their networks, potentially leading to industry-wide changes in cybersecurity strategies.
