The New York Times was quick to point out that Apple has stored some of its off-shore money in Jersey, an island far from the USA. Of course it wasn’t just The NY Times, because a number of investigative reporters and journalists were right in there with them. They got their information from Appleby’s, a well known law firm based in a place lawyers like to visit, Bermuda. They hold a lot of doctor’s training down there for the same reason.
This is the second time somebody has stolen and published information from law firm that specialized in shell companies. I previously looked at the establishment of shell companies to hold China’s US debt, so it would appear the amounts were going down. Parts of that information and the family holdings of Chairman Xi’s family were discovered in the Panama Papers, and published by the Times. More to come, no doubt, since that kind of behavior is unlikely to change. In both cases, the International Consortium of Investigative Journalists is involved and that group got some of its funding from George Soros. Their site has a summary of the information posted. For a different look at this case, see the 9 Nov opinion piece by Holman Jenkins Jr. who asks who stole the information to begin with. That is a good question.
But what this shows is the lack of security at the law firms that are holding the information about all of these shell companies they have established. This is the kind of information that, once it gets out, cannot be put back without a lot of work - hopefully not billed to the client. I wonder about that part, but don’t care what it costs. It was nice to see these fat cats fur flying.
As an industry, law firms have some of the most sensitive information any company holds, and these law firms that were hacked had some of the most sensitive of all. With this kind of information available on a corporate system, you have not just the law firms secrets about its clients, but the clients secrets about their external dealings. That kind of material is very valuable monetarily, and politically. So, all the more reason to get a better security system than some of the people who use their services. It is not good enough to figure out, after the fact, that the data was stolen. Law firms should know better than most what due diligence is. They need to get together and establish standards for the protection of legal data, little things like encryption at rest come to mind, and do some external audits of their systems to make sure people adhere to those standards.
No comments:
Post a Comment