Live disclosure tracker · updated continuously

Law Firm Data Breaches

Law firms hold the most sensitive corporate data outside the client itself — M&A, IP, litigation, settlements. They are systematically targeted by both criminal and state actors. Below is every law-firm breach LeakTrace has indexed.

98B+
Records Exposed
95
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 ★ Worst of 2026

Law Firm Data Breaches (95 indexed)

medium · legal · Jun 29, 2026

EXCLUSIVE

Fox Rothschild is a top-100 law firm whose articles and resources have been cited on DataBreaches.net and PogoWasRight.org dozens of times over the years. This time, however, they are the subject of a post because they w

medium · legal · Jun 18, 2026

We Didn’t Have a Data

Esteban Morin, the Head of Legal at VRChat described a recent situation: Last week my company, VRChat, was the subject of multiple articles and social media outrage stemming from a data breach notice that was posted on t

View incident → Original disclosure Indexed 2 weeks, 1 day ago
medium · legal · Jun 10, 2026

LA: St. George fire district

Deon Guillory reports: St. George Fire Protection District No. 2 filed a lawsuit against its former IT security provider, alleging the company’s failures led to a cyberattack that compromised the fire district’s network.

View incident → Original disclosure Indexed 3 weeks, 2 days ago
critical · legal · May 22, 2026

Radiology Associates of Richmond

On July 1, 2025,  Radiology Associates of Richmond (“RAR”) reported a breach to HHS that had occurred in April 2024 and affected more than 1.4 million patients. By the end of July 2025, the well-known radiolo

View incident → Original disclosure Indexed 1 month, 1 week ago
medium · legal · Apr 24, 2026

In Other News

Other noteworthy stories that might have slipped under the radar: Supreme Court hacker sentenced, Lovable exposed user data, Google expands enterprise security. The post In Other News: Unauthorized Mythos Access, Planke

View incident → Original disclosure Indexed 2 months, 1 week ago
medium · legal · Apr 10, 2026

Silent Ransom Group

Jones Day wasn’t the only big law firm to recently fall prey to threat actors variously known as Silent Ransom Group, Luna Moth, Chatty Spider, or UNC3753. DataBreaches will refer to them as the Silent Ransom Group

View incident → Original disclosure Indexed 2 months, 3 weeks ago