Protecting Against Insider Data Theft and Misuse

Protecting Against Insider Data Theft and Misuse

When you think of a data breach, you probably think of a breach caused by outsiders, hackers, cybercriminals, ransomware and the like, the barbarians at the gate if you will. But outsiders aren’t the only own threats to your data. Insiders are behind a significant amount of data breaches—over half of all breaches, in fact, according to a 2015 report by Baker Hostetler.

Thirty-six percent of data breaches were caused by employee negligence, that report found, while insider theft was behind another 16 percent. That means insider data theft was involved in about one out of every six breaches. Law firms aren’t spared either; even the most respected lawyers can become data thieves. And when that happens, the costs can be enormous, both financially and reputationally. However, a swift investigation, coupled with powerfully simple document and data management, can help reduce those risks.

The Associate Who Wants 210k and the Mondrian

What would cause an employee, an attorney, even a seasoned partner to misappropriate data? Private gain, of course. Revenge, sometimes. A desire to see the world burn, maybe. And in one recent case, even a nice work of art played a key role in one attorney's turn to a life of crime. Yes, an artwork, though whether this particular piece was painting, sculpture, or performance art is unknown.

Last Thursday, a litigation associate at Dentons was charged with extortion for allegedly purloining sensitive firm information and threatening to leak it to the blog Above the Law. The associate, Michael Potere, reportedly demanded $210,000 and an artwork in exchange for keeping the docs secret. He’s been charged with violating 18 U.S.C. § 1951(a), which prohibits interfering with commerce by robbery or extortion.

Potere reportedly came across sensitive firm documents thanks to a partner’s carefree approach to password security. The partner gave Potere his email password so that the associate could access documents in a case. Potere then allegedly used that access to pull all sorts of valuable files: financial reports, client lists, employment reviews, even memos on how to collect from deficient clients.

The associate was apparently aggrieved by his treatment by the firm—and he must have really liked that artwork. After informing the firm that he would be returning to grad school, the firm declined to let him continue working through the summer, according to Bloomberg. The alleged extortion then followed.

“I have nothing to lose, it’s already been taken,” Potere reportedly told partners in a taped conversation. “It’s already gone. So, and that’s just like what’s happening to me and my friends professionally all the time. And everyone gets away with it all the time.” (Millenials, amirite?)

This is an associate at a major firm, a J.D. from one of the best law schools in the country, with a federal clerkship under his belt, and another graduate degree awaiting him—but he’s got nothing to lose. That must have been some good art.

The (Surprisingly Common) Attorney-Slash-Insider-Trader

Disgruntled associates aren’t the only ones who could misuse and abuse sensitive information. In May, Walter ‘Chet’ Little, a former Foley & Lardner partner, was charged with insider trading after he allegedly used information from the firm’s clients to gain approximately $1 million in illegal profits. According to the Securities and Exchange Commission, Little used insider information from 11 clients to make trades before that information was made public.

To be clear, this was not insider information from Little’s clients; he was a real estate partner at Foley, not a securities practitioner. Rather, they were other firm clients whose information Little accessed, the SEC claims, through the firm’s document management system.

In one instance, according to the criminal complaint against him, Little hopped into the files for “Project Megatron” to poke around. Project Megatron was the codename for the potential acquisition of Magnetek, a manufacturer of hydraulic drives and elevator control systems, by Columbus McKinnon, a company in the hoists, chains, and cranes space. Little didn’t bill any hours on that matter, but he did make several trades after viewing information regarding the acquisition, for a net profit of about $166,177, according to the SEC.

Little isn’t the only partner to have allegedly misused law firm information, either. Robert Schulman, a partner at Arent Fox, was convicted of securities fraud in March. Even law clerks and law firm systems engineers have been implicated in misusing inside information taken from the firm.

Spotting Problems and Moving Quickly to Neutralize Them

Such breaches are huge liabilities, implicating both lawyers’ professional responsibilities to protect client confidences and damaging law firm reputations.

But you don't need to despair at the proliferation of insider data theft and misuse. A good information governance regime can help identify potential threats, while a sophisticated data management system (internal investigation technology) can help you move quickly to confirm wrongdoing or exonerate the accused.

When potential misuse arises, an agent-based data loss prevention system can alert you of suspicious activities. At that point, data can be collected from your systems of record and reviewed to identify relevant documents. If you’re using a sophisticated platform like Logikcull, data can be processed in a matter of minutes—just drag it and drop it, then let Logikcull’s automated processing take over. Culling filters can narrow down docs to the most important files, while powerful search capabilities help you identify the “smoking gun” quickly.

If a lawyer has been emailing himself confidential documents, for example, that can be spotted quickly and easily. If an insider has been engaged in more sophisticated wrongdoing, such as securities fraud, complex queries and stacking searches can help you tie together crucial concepts, keywords, and relationships in order to develop an understanding of what transpired.

Catching such events quickly and easily can bring significant cost and reputational savings. And you won’t have associates walking out with the artwork.

This post was authored by Casey C. Sullivan, Esq., who leads education and awareness efforts at Logikcull. You can reach him at or on Twitter at @caseycsull.

Want to see Logikcull in action? 

Let us show you how to make Logikcull can help you save thousands in discovery.

Want to see Logikcull in action? Let's chat.

Our team of product specialists will show you how to make Logikcull work for your specific needs and help you save thousands in records requests, subpoenas, and general discovery.