According to the complaint, Zumpano Patricios failed to implement adequate security protocols to protect highly sensitive personal data. Manning argues that the firm did not act swiftly enough to contain the breach or inform those affected in a timely manner. The lawsuit seeks class-action status and accuses the firm of violating Florida’s data breach notification laws as well as various common law duties, including negligence and breach of fiduciary duty.
The plaintiff also alleges that victims are now at heightened risk of identity theft and fraud, with no assurances that their information won’t be misused in the future. Manning is seeking damages, credit monitoring services, and a court order requiring the firm to improve its cybersecurity infrastructure.
Cyberattacks on law firms have become increasingly common in recent years, given the vast amounts of sensitive client data they store. Legal industry professionals say that firms are becoming lucrative targets for hackers due to inadequate cybersecurity relative to the sensitive nature of their work. Data breaches involving legal service providers not only endanger individuals’ privacy but also undermine client trust and professional integrity.
This lawsuit highlights growing concerns over cybersecurity in the legal sector and underscores the importance of proactive measures to prevent data breaches. Experts warn that failing to prioritize cyber protections can lead to substantial legal, financial, and reputational consequences.
In a public statement, Zumpano Patricios acknowledged the breach and affirmed that it has been working with third-party cybersecurity experts to investigate the incident and enhance its digital defenses. The firm also noted that it has offered affected individuals complimentary identity theft protection and credit monitoring services.
However, critics argue that such measures are insufficient after-the-fact responses, and more must be done to safeguard sensitive data on the front end. The lawsuit could pave the way for broader scrutiny of law firm cybersecurity practices, especially as class actions related to data breaches become more common across various industries.
