A Connecticut law firm is facing a massive malpractice suit for allegedly leaving its clients vulnerable to cyber scams due to insufficient security measures.
Richard Bates, a resident of Palm Beach Gardens, Florida, filed a federal lawsuit against his attorney Patrick Walsh and the Ridgefield-based firm Hastings, Cohan & Walsh, LLP. Bates claims the firm’s alleged lax cybersecurity cost him a staggering $597,000 during a recent home purchase.
Bates had hired the firm to assist in buying a Connecticut home worth over $800,000, reported the Real Deal.
According to the complaint, hackers allegedly breached the firm’s private emails, snatching crucial details about the transaction, including the buyer’s purchase price, contact info and the timing.
Bates received an email from what he believed to be his law firm, complete with wire instructions. Trusting it, he wired the money — only to find out later that the email was a sophisticated fake. The hackers made off with $726,000; the banks managed to recover a mere $129,000.
Fuming, Bates has slammed his attorney for what he calls “virtually no protocol” to thwart fraud. His lawsuit paints a damning picture of the firm’s alleged cybersecurity protocol, describing it as reliant on “archaic email and data-storage systems.”
Bates claims that if the firm had implemented basic safeguards, like two-factor authentication, the fraud wouldn’t have occurred. He also accuses the firm of doing “virtually nothing” to fix the situation post-scam.
This isn’t a new issue in the real estate world. Professionals have been on high alert for years, aware of the rising tide of fraudsters hacking emails and sending bogus wire instructions.
The FBI reports that cyber scam losses skyrocketed from less than $9 million in 2015 to more than $446 million by 2022.
Stephen Conover, a Connecticut attorney specializing in legal ethics, told TRD that while attorneys are often victims too, they aren’t liable for crimes against clients unless they breach a fiduciary duty or fail to meet a “reasonable standard of care.” Conover points out that such lawsuits usually get settled out of court, thanks to insurance carriers.
Katie Carey, another Connecticut real estate attorney, emphasizes that two-factor authentication is just the beginning. She uses a robust cloud-based software with a client portal and multiple scam prevention mechanisms.
Her email signature even screams: “WIRE FRAUD IS REAL! We will NEVER email you asking to wire funds! Call the office immediately if you receive such an email.”
Whether attorney Walsh has a similar warning in his email signature is unclear — Walsh did not respond to requests for comment.
