Rankiteo
Leader in Cyber Underwriting
Orrick, Herrington & Sutcliffe LLP

Orrick, Herrington & Sutcliffe LLP Vendor Cyber Rating & Cyber Score

orrick.com

Orrick is a global law firm focused on serving the Technology & Innovation, Energy & Infrastructure, Finance and Life Sciences & HealthTech sectors. Leading companies and new entrants call on our teams in 25+ markets worldwide for forward-looking, pragmatic advice on transactions, litigation and compliance matters. We bring distinctive quality, teamwork, and value to the table – and innovate in everything we do. We’re especially focused on attracting and inspiring the best legal talent.


OHSL A.I CyberSecurity Scoring

OHSL
Company Information
Website: https://www.orrick.com
Number of employees: 3,100
Number of followers: 65,035
NAICS: 54111
Industry Type: Law Practice
Homepage: orrick.com
OHSL Risk Score (AI oriented)
Between 0 and 549
OHSL, Law Practice
Updated: 30/06/2026
529/1000
Critical
C
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium

OHSL: Critical
Current Score: 529, C (CRITICAL)
4 incidents
-62 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026: 530 Before Incident
JUNE 2026: 527 Before Incident
MAY 2026: 520 Before Incident
APRIL 2026: 519 Before Incident
MARCH 2026: 515 Before Incident
FEBRUARY 2026: 510 Before Incident
JANUARY 2026: 563 Before Incident

Breach
01 Jan 2026, OHSL
Orrick and Herrington & Sutcliffe: Orrick Ex-Employee Drops Data Breach Suit Hours After Filing It

Orrick Ex-Employee Withdraws Data Breach Lawsuit

501 After Incident
HIGH, -62
ORR1777062892

Orrick Ex-Employee Withdraws Data Breach Lawsuit Shortly After Filing

A former employee of Orrick, Herrington & Sutcliffe voluntarily dismissed a data breach lawsuit against the law firm just hours after filing it in a California federal court. Joseph Casillas, the plaintiff, had sought damages for himself and other alleged victims of a January cyberattack, accusing Orrick of failing to safeguard his personal information. Casillas’ legal team, including attorney Andrew Gunem, did not immediately respond to requests for comment following the dismissal. The withdrawal was filed without prejudice, meaning Casillas retains the option to refile the complaint in a different jurisdiction. Orrick has not publicly commented on the case since the lawsuit was dropped. The incident highlights ongoing legal and security challenges for organizations following cyber incidents, particularly when employee data is compromised.

INCIDENT DETAILS
TYPE
Data Breach
IMPACT
Data Compromised: Personal information
Legal Liabilities: Potential damages sought in lawsuit
DATA BREACH
Type Of Data Compromised: Personal information
Sensitivity Of Data: High (employee personal information)
Personally Identifiable Information: Yes

DECEMBER 2025: 560 Before Incident
NOVEMBER 2025: 559 Before Incident
OCTOBER 2025: 555 Before Incident
SEPTEMBER 2025: 550 Before Incident
AUGUST 2025: 546 Before Incident
MARCH 2023: 682 Before Incident

Breach
01 Mar 2023, OHSL
Orrick, Herrington & Sutcliffe

Cybersecurity Threats and Data Breaches in Law Firms (2023-2025)

534 After Incident
CRITICAL, -148
ORR1642316100525

In March 2023, Orrick, Herrington & Sutcliffe suffered a major data breach where hackers infiltrated their systems, compromising the names, addresses, birth dates, and Social Security numbers of over 600,000 individuals. The breach led to a class-action lawsuit, forcing the firm to pay $8 million in settlements. The exposed data included highly sensitive personal and financial records, violating attorney-client confidentiality and exposing clients to identity theft, fraud, and reputational harm. The incident underscored vulnerabilities in the firm’s cybersecurity defenses, particularly around third-party access, weak authentication, and insufficient monitoring. The breach not only resulted in financial losses but also severely damaged the firm’s trustworthiness, prompting clients to question data protection measures. The attack was likely facilitated by exploited vulnerabilities or phishing, aligning with broader trends of cybercriminals targeting law firms for their troves of high-value legal and corporate data.

INCIDENT DETAILS
TYPE
Data Breach; Ransomware; Phishing; Social Engineering; Espionage; AI-driven Attacks (Deepfakes)
MOTIVATION
Financial Gain (Ransomware, Data Theft); Espionage (Nation-State); Data Exfiltration for Dark Web Sales; Disruption of Legal Services
IMPACT
Financial Loss: $8 million (Orrick, Herrington & Sutcliffe settlement)
Names; Addresses; Birth Dates; Social Security Numbers (600,000+ records in Orrick breach); Sensitive Case Information (UK Legal Aid Agency)
Client-Facing Systems; Cloud Storage; Practice Management Software; Digital Services (UK Legal Aid Agency offline); Printers (Overlooked Attack Vector)
Downtime: UK Legal Aid Agency: Online applications, payments, and case processing halted
Operational Impact: Disruption of legal services, loss of client trust, regulatory scrutiny
Customer Complaints: Class action lawsuit (Orrick, Herrington & Sutcliffe)
Brand Reputation Impact: High (Erosion of client trust, potential loss of business)
Legal Liabilities: $8 million settlement (Orrick, Herrington & Sutcliffe)
Identity Theft Risk: High (Exposed PII in Orrick breach)
DATA BREACH
Personally Identifiable Information (PII); Financial Records; Legal Strategies; Client Communications; Sensitive Case Information
Number Of Records Exposed: 600,000+ (Orrick breach)
Sensitivity Of Data: High (PII, legal confidentiality)
Data Exfiltration: Yes (Silent Ransom Group, Orrick breach)
Data Encryption: Likely lacking (based on described vulnerabilities)
Personally Identifiable Information: Names, addresses, birth dates, SSNs

FEBRUARY 2023: 602 Before Incident

Breach
01 Feb 2023, OHSL
Orrick, Herrington & Sutcliffe LLP

Data Breach at Orrick, Herrington & Sutcliffe LLP

681 After Incident
HIGH, -79
ORR223072725

The Maine Office of the Attorney General reported a data breach involving Orrick, Herrington & Sutcliffe LLP on August 18, 2023. The breach occurred on February 28, 2023, due to an external hacking incident, affecting a total of 461,100 individuals, including 221 Maine residents. Driver's License Numbers or Non-Driver Identification Card Numbers were compromised, and the affected organization is offering two years of identity monitoring services through Kroll.

INCIDENT DETAILS
TYPE
Data Breach
IMPACT
Driver's License Numbers; Non-Driver Identification Card Numbers
DATA BREACH
Driver's License Numbers; Non-Driver Identification Card Numbers

JULY 2022: 762 Before Incident

Breach
22 Jul 2022, OHSL
Orrick, Herrington & Sutcliffe, Proskauer Rose, Cravath Swaine & Moore, Mossack Fonseca and Weil Gotshal & Manges: Biggest Legal Industry Cyber Attacks

Law Firms Under Siege: A Rising Tide of Cyber Attacks Targets the Legal Industry

580 After Incident
CRITICAL, -182
ORRWEICRAMOSPRO1782779207

The legal sector is facing an escalating cybersecurity crisis, with law firms increasingly targeted by sophisticated threat actors. A recent survey by Arctic Wolf and Above the Law revealed that 39% of law firms experienced a security breach in the past year, with 56% of those incidents resulting in the loss of confidential client data, a devastating outcome for an industry built on trust and discretion.

### Why Law Firms Are Prime Targets

Several factors make law firms particularly vulnerable:

- Digital transformation: Firms rely heavily on cloud-based applications and web platforms, expanding their attack surface.
- Valuable data: They store vast amounts of sensitive client information, including financial records, PII, and privileged legal documents.
- Lack of preparedness: Only 26% of firms consider themselves "very prepared" to respond to cyber incidents.
- Resource constraints: Many lack dedicated cybersecurity personnel or struggle to meet evolving compliance standards.
- Sophisticated threats: The average ransom demand for legal organizations reached $1 million in 2023, with attackers exploiting weak incident response (IR) plans and third-party vulnerabilities.

### Notable Cyber Attacks on Law Firms

#### 1. Orrick, Herrington & Sutcliffe (2023)

- Attack type: Data exfiltration (details undisclosed)
- Impact: Compromised PII and health data of 637,000 breach victims, leading to multiple class-action lawsuits.
- Target: The firm specializes in data breach litigation, making its own client records a high-value target.

#### 2. Grubman Shire Meiselas & Sacks (2020)

- Attack type: Ransomware (REvil group)
- Demand: Initially $21 million, later doubled to $42 million after hackers leaked Lady Gaga’s legal documents.
- Outcome: The firm denied paying the ransom, though reports suggest a partial payment of $365,000 was made.

#### 3. Proskauer Rose (2023)

- Attack type: Data breach via unsecured Microsoft Azure cloud server
- Impact: 184,000+ files exposed for six months, including financial deals, NDAs, and acquisition documents.
- Response: The firm secured the server and launched an investigation with cybersecurity experts.

#### 4. HWL Ebsworth (2023)

- Attack type: Ransomware (ALPHV/Blackcat)
- Impact: 4TB of data (2.2 million files) stolen, including employee IDs, financial reports, and client documentation.
- Aftermath: Hackers leaked 1.45TB of data on the dark web; an Australian court issued an injunction to block access.

#### 5. DLA Piper (2017)

- Attack type: NotPetya ransomware (originating in Ukraine)
- Impact: Global disruption; employees lost access to email, phones, and documents. The firm spent 15,000 hours in overtime rebuilding its Windows environment.
- Attribution: Linked to Russian state-backed actors.

#### 6. Mossack Fonseca (2016)

- Attack type: Alleged hack (or insider leak)
- Impact: 11.5 million documents (Panama Papers) exposed, revealing tax evasion schemes and shell companies.
- Aftermath: Governments recovered $1.2 billion in unpaid taxes; the firm shut down in 2018 amid reputational damage.

#### 7. Cravath Swaine & Moore / Weil Gotshal & Manges (2016)

- Attack type: Insider trading via malware
- Perpetrators: Three Chinese nationals stole confidential M&A data, earning $4 million in illicit profits.
- Penalty: The SEC fined them $8.8 million.

### The Broader Impact

Cyber attacks on law firms extend beyond financial losses. Breaches erode client trust, disrupt operations (e.g., frozen billing systems), and trigger regulatory scrutiny. Many firms remain silent about incidents due to the lack of mandatory disclosure laws, leaving the full scope of the problem unknown. As threat actors refine their tactics, from ransomware to phishing and insider threats, the legal industry must confront its cybersecurity gaps or risk becoming a persistent target.

INCIDENT DETAILS
TYPE
Data exfiltration; Ransomware; Data breach; Malware
MOTIVATION
Financial gain; Data theft; Insider trading; Reputational damage
IMPACT
$1 million (average ransom demand in 2023); $42 million (Grubman Shire Meiselas & Sacks); $365,000 (partial ransom payment); $1.2 billion (tax recovery post-Panama Papers); $4 million (illicit profits from insider trading); $8.8 million (SEC fine)
Confidential client data; PII; Health data; Financial records; Legal documents; NDAs; Acquisition documents; Employee IDs; M&A data
Cloud-based applications; Email systems; Phones; Document management systems; Billing systems
15,000 hours (DLA Piper); Global disruption; Frozen billing systems; Loss of access to critical systems; Firm shutdown (Mossack Fonseca)
Class-action lawsuits (Orrick, Herrington & Sutcliffe); Class-action lawsuits; Regulatory fines; Injunctions
637,000 breach victims (Orrick); 2.2 million files exposed (HWL Ebsworth)
DATA BREACH
PII; Health data; Financial records; Legal documents; NDAs; Acquisition documents; Employee IDs; M&A data
637,000 (Orrick); 11.5 million (Panama Papers); 2.2 million files (HWL Ebsworth); 184,000+ files (Proskauer Rose)
High (privileged legal documents, tax evasion schemes, shell companies)
Yes (Orrick, HWL Ebsworth, Grubman Shire Meiselas & Sacks)
Yes (NotPetya, ALPHV/Blackcat)
Legal documents; Financial deals; NDAs; Acquisition documents; Employee IDs
Yes (Orrick, HWL Ebsworth)

Frequently Asked Questions

What is the current A.I Rankiteo Cyber Score for OHSL?
What was OHSL's A.I Rankiteo Cyber Score in June 2026?
What was OHSL's A.I Rankiteo Cyber Score in May 2026?
What was OHSL's A.I Rankiteo Cyber Score in April 2026?
What was OHSL's A.I Rankiteo Cyber Score in March 2026?
What was OHSL's A.I Rankiteo Cyber Score in February 2026?
What was OHSL's A.I Rankiteo Cyber Score in January 2026?
What was OHSL's A.I Rankiteo Cyber Score in December 2025?
What was OHSL's A.I Rankiteo Cyber Score in November 2025?
What was OHSL's A.I Rankiteo Cyber Score in October 2025?
What was OHSL's A.I Rankiteo Cyber Score in September 2025?
What was OHSL's A.I Rankiteo Cyber Score in August 2025?
What is the average per-incident point impact on OHSL's A.I Rankiteo Cyber Score over the past 12 months?
Where can I access detailed records of all cyber incidents associated with OHSL?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology?
Where can I view OHSL's profile page on Rankiteo?
How accurate is the A.I Rankiteo Risk Scoring methodology?