Getting Hacked Could Lead to Ethics Violations – Use LastPass to Secure Passwords

“Lawyers whose attorney trust accounts are cleaned out by cybercriminals should be prepared to answer to attorney-disciplinary authorities. And such a theft could result in disciplinary action for a lawyer who is careless about safeguarding client funds, ” warns the New Jersey Law Journal.

On Friday, a suit was removed to federal court in Trenton, New Jersey, in the case of an East Brunswick law firm that had more than $200,000 stolen from its trust account. It’s unknown if the law firm, Sapiro Gottlieb & Kroll, or its attorneys will face disciplinary action as a result of the theft. The firm sued TD Bank, claiming that it issued a password allowing an unknown party to access the trust account and make a series of wire transfers.

Password security is vital for attorneys.  According to Wisconsin Ethics Opinion EF-15-01, Ethical Obligations of Attorneys Using Cloud Computing:

A lawyer may use cloud computing as long as the lawyer uses reasonable efforts to adequately address the risks associated with it… Lawyers should understand the importance of computer security, such as the use of firewalls, virus and spyware programs, operating systems updates, strong passwords and multifactor authentication, and encryption for information stored both in the cloud and on the ground.

Password management is a topic that I cover with my Advanced Legal Research students right at the beginning of every semester.  As attorneys, they will be responsible for numerous passwords and I want them to learn and practice good password management early on.  I suggest the use of a password manager like LastPass which is an encrypted digital vault that stores the login information you use to access apps, websites, and other services.

Password managers are both convenient – you just remember one master password – and secure – they keep your identity, credentials, and sensitive data safe.  They discourage the reuse of the same password on multiple sites so that if one site does get hacked, your stolen password can’t be used on other sites.  A password manager can also can generate strong, unique passwords for you.

I recommend LastPass, but there are many others on the market, both free and fee-based.  See PC Magazine’s, The Best Password Managers for 2022.  This short video explains why and how attorneys can use LastPass to secure their passwords.