LS-ISAO Response to RepKnight Report

RESTON, VA, USA – January 25, 2018- London and Belfast-based breach detection firm RepKnight released a report this month on what it says are more than one million stolen credentials of employees of law firms in the United Kingdom. RepKnight notes in the report that the vast majority of credentials are from third-parties and not the firms themselves. LS-ISAO and its members who have similar Dark Web monitoring and breach detection services have analyzed recently released Dark Web data. Most current credential information appears to be from the 1.4 billion dump discovered on the Dark Web in December 2017. While the risks of credential theft and ensuing attacks are real, LS-ISAO does not assess this report represents a new threat or dump, but highlights industry-specific data from a known issue that LS-ISAO and member firms have already addressed or are in the process of addressing. LS-ISAO analysts and members will continue to collaboratively monitor this issue.


The Legal Services Information Sharing and Analysis Organization (LS-ISAO) is a member-driven organization whose mission is to provide a secure framework for sharing actionable threat and vulnerability information in partnership with leading sources of threat intelligence, while fostering member collaboration with and among other key sectors and government agencies to prevent and respond to cyber security incidents. Law firms join LS-ISAO to share threat indicators with industry peers and gain additional intelligence from analysts who research, anonymize, and disseminate actionable alerts in near and real time. Press may contact Patrick McGlone at pmcglone@ls-isao.comwith questions.

Chad McAuslin