Maybe It's Time to Delete Your Law Firm's Facebook Account

When Facebook said a data breach affected 50 million people, it's not like it was the end of the world.

The social media platform has more than one billion active accounts, so what's that, like five percent? No worries, right?

Wrong. If your law firm has a Facebook account, you now have an ethical issue.

Technical Competence

Adding to Model Rule 1.1 of the American Bar Association, dozens of states require lawyers to maintain technical competence. That includes knowing the "risks associated with relevant technology."

Facebook's latest data breach is just the tip of the iceberg. It's been a problem at least since the 2016 election year breach, and it's getting bigger.

According to reports, Facebook blocked news stories about its security breach. When it comes to fake news, President Trump could actually be right.

The data breach is serious -- not only for lawyers -- but for anybody who cares about their online accounts. Attackers exploited code that allows them to steal "access tokens."

Access Tokens

The tokens are not passwords, but they allow hackers to login to accounts without them. That could include firm accounts, client accounts, bank accounts; need we say more?

Facebook said the breach also affected third-party apps, like Instagram. The company logged out about 90 million people from their accounts as a precautionary measure.

For law firms, it may be time to log out and find a more secure site. Either that or wait for the next data breach.

Related Resources:

• Tide Rises on Lawyers' Duty of Tech Competence (FindLaw's Technologist)
• Apple Sued by Memoji App Maker (FindLaw's Technologist)
• Is Guitar Hero a Gamer Villain? (FindLaw's Technologist)