The following incidents happened between 2024 and 2026 to US law firms, accounting firms, and real estate closings. Each one started the same way: a sensitive document or instruction was sent by email.
The sellers' attorney email was compromised before closing. Fraudulent wire instructions were sent to the buyer, who wired the funds to the scammer's account.
Business Email Compromise is one of the most financially damaging online crimes, causing billions in losses annually.
Each case follows a familiar pattern. Email is always the entry point.
Richard Bates received an email with "updated" wire instructions that appeared to come from his attorney. Hackers had breached the law firm's email months earlier.
Strauss Troy LawA Digital Shell share link would have been traceable and watermarked. Any unauthorized access would have been recorded in the access logs, and the original link would have been revocable instantly.
The INTERLOCK ransomware group leaked 1.3 terabytes of law firm data on the dark web, including over 1.7 million documents and 200,000 client folders.
Class Action InvestigationDocuments shared via Digital Shell are encrypted end-to-end with access tied to individual recipients. A breach of our servers would expose only encrypted blobs — not readable content. Plus, access codes are hashed, not stored in plaintext.
Even top-tier firms are vulnerable. Jones Day confirmed in April 2026 that hackers had accessed the files of 10 clients.
BloombergZero-knowledge architecture means we literally cannot read your clients' files. Even if our entire database was leaked, attackers would only see encrypted blobs. Your attorney-client privilege stays intact.
A single click on a phishing email exposed tax information for 40 clients at this Austin CPA firm, including W-2s with high-value estimated tax deposits.
Journal of AccountancyWith Digital Shell, tax documents are never attached to emails. Clients upload them to a secure link that's encrypted in their browser. Even if the firm's email is compromised, there are no sensitive attachments to steal.
Three months of client data was exfiltrated undetected. The breach was only discovered when two clients reported fraudulent tax returns filed in their names. The firm closed in 2025.
Nerds SupportAll client data shared via Digital Shell has detailed access logs. You'd know if someone accessed a document from an unusual location — not 3 months later when your clients call you.
The FBI reports that email-based real estate fraud reached $275 million in losses in 2025. 17% of title companies sent client money to fraudulent accounts.
FBI via National Association of RealtorsDigital Shell never relies on email for sensitive instructions. Banking details, closing documents, and escrow info are shared through encrypted links with 6-digit access codes sent via a separate channel. Interception requires compromising two independent channels — nearly impossible.
The IRS received over 250 data breach reports from tax professionals in 2024, impacting more than 200,000 clients. Accounting firms face an average of 900 cyberattack attempts during tax season alone.
Wolters KluwerIRS Publication 4557 requires secure document exchange. Digital Shell is designed to meet these requirements out of the box: zero-knowledge encryption, access logs, and retention controls that satisfy FTC Safeguards Rule compliance.
Every breach in this list started with email. Digital Shell replaces the weakest link in your workflow with encrypted, expiring, auditable shares.