The primary reason law firms are often the victim of cyberattacks is because they have sensitive (and valuable) information about multiple companies or entities housed in databases, documents and emails.  In essence, this makes firms “one-stop shops” for cybercriminals since they can obtain the desired data on multiple companies via a single source.  Furthermore, if a cybercriminal were to attempt to access an individual company’s database directly, they would likely encounter more sophisticated security measures than those employed by the law firm.  More data + easier access = prime targets.  The key word here is Access.  Current authentication technologies that allow access to any legal account are all based on possession of a static credential.  Anyone, including a hacker, who possesses the static credential, can assert themselves (or impersonate) on behalf of the legitimate account owner, creating a breach and subsequent damage.  NimbusID via MindPrint can serve as the Identity Test to whoever is asserting via a static access credential, so that in the event of successful credential takeover, the access breach is prevented unless the impostor can pass the unique user MindPrint Identity Test.