The Bermuda ‘Super Rich’ Hack

No Place to Hide: A leading offshore law firm with clients including the super-rich and international corporations has revealed it suffered a “data security incident” that may result in customers’ private information being leaked.

Bermuda-based Appleby, which has offices in a number of British, overseas territories, said some of its data had been “compromised” in the 2016 cyber incident.

The firm issued a statement after it was contacted by a group of investigative journalists probing allegations concerning its “business and the business conducted by some of our clients”. Without specifying, Appleby said it had taken the allegations “extremely seriously” and after investigating the claims itself concluded “there is no evidence of any wrongdoing, either on the part of ourselves or our clients”.

Appleby said: “We are an offshore law firm who advises clients on legitimate and lawful ways to conduct their business.” “We do not tolerate illegal behaviour. It is true that we are not infallible. Where we find that mistakes have happened, we act quickly to put things right and we make the necessary notifications to the relevant authorities. “We are committed to protecting our clients’ data and we have reviewed our cyber security and data access arrangements following a data security incident last year which involved some of our data being compromised.
“These arrangements were reviewed and tested by a leading IT forensics team and we are confident that our data integrity is secure.”

The firm said it was “disappointed” that the media may choose to publish material “obtained illegally” and warned that it may result in “exposing innocent parties to data protection breaches”.
According to Appleby’s website, its experts advise global public and private companies, financial institutions, and “high net worth” individuals.

A profile on Chambers and Partners says its clients include financial institutions, FTSE 100 and Fortune 500 companies. Through offices in Bermuda, the British Virgin Islands, the Cayman Islands, Guernsey, the Isle of Man, Jersey, Mauritius and the Seychelles, it helps clients “achieve practical solutions, whether in a single location or across multiple jurisdictions”.
The company, which was named offshore firm of the year by Legal 500 UK in 2015, also has a presence in Hong Kong and Shanghai.

The cyber security incident has emerged around a year after a trove of private financial information relating to hundreds of individuals, including celebrities and high-profile public figures, known as the Panama Papers was stolen from legal firm Mossack Fonseca.