Appleby refutes all allegations of wrongdoing after hacking breach

Bermuda-based law firm Appleby has denied that any it or any of its clients are guilty of wrongdoing after it admitted that some of their details might have been accessed by hackers in a 2016 security breach and leaked to the media.

The law firm stressed that it operates in highly regulated jurisdictions and stressed that some of the allegations made against both it and its clients stem from the use of materials that have been obtained illegally.

The statement came after Appleby received enquiries from the International Consortium of Investigative Journalists (ICIJ) and a number of media organisations who are partners of the ICIJ. Appleby said that these enquiries have arisen from documents that journalists claim to have seen and involve allegations made against Appleby’s business and the business conducted by some of its clients.

Appleby said that: “We take any allegation of wrongdoing, implicit or otherwise, extremely seriously. Appleby operates in highly regulated jurisdictions and like all professional organisations in our regions, we are subject to frequent regulatory checks and we are committed to achieving the high standards set by our regulators. We are also committed to the highest standards of client service and confidentiality. It is what we stand for. This commitment is unequivocal.

“Appleby has thoroughly and vigorously investigated the allegations and we are satisfied that there is no evidence of any wrongdoing, either on the part of ourselves or our clients. We refute any allegations which may suggest otherwise and we would be happy to cooperate fully with any legitimate and authorised investigation of the allegations by the appropriate and relevant authorities.

“We are an offshore law firm who advises clients on legitimate and lawful ways to conduct their business. We do not tolerate illegal behaviour. It is true that we are not infallible. Where we find that mistakes have happened we act quickly to put things right and we make the necessary notifications to the relevant authorities.”

It added that it was also committed to protecting its clients’ data. It said that: “We have reviewed our cyber security and data access arrangements following a data security incident last year which involved some of our data being compromised. These arrangements were reviewed and tested by a leading IT Forensics team and we are confident that our data integrity is secure.”

The firm said that it reiterated its commitment to responsible business conduct and added that it is “disappointed that the media may choose to use information which could have emanated from material obtained illegally and that this may result in exposing innocent parties to data protection breaches”.

It also added the following Parthian shot: “The ICIJ themselves recognise the legitimacy of the offshore sector with the following statement on their website: ‘There are legitimate uses for offshore companies and trusts. We do not intend to suggest or imply that any people, companies or other entities included in the ICIJ Offshore Leaks Database have broken the law or otherwise acted improperly.’”