To our customers using Clio and Faster Law,
Faster Suite is now live again, and I want to apologize for the pain that this week and the past few months have caused. You will need to download the newest version of Faster Suite and reauthorize it to your Clio account. Please see instructions here.
There’s nothing we take more seriously than the security of your data and the trust you put in us as stewards of that data. The actions we took earlier put the safety of your data above all else, even though it resulted in an outage for an integration partner.
I want to share more details about the events that led us to take the action of deactivating the Faster Law integrations, and how we’ve worked around the clock over the last 48 hours to resolve the issue with Faster Law.
On Monday, we detected that the Faster Law service was accessing large amounts of information beyond the scope of what was necessary and appropriate in order to run the Faster Law integrations. The scale of access was to virtually every Faster Law-enabled Clio account, and originated from a server that we later discovered was controlled by Faster Law. This large-scale data access triggered Clio’s security team, and we made the decision to disable the Faster Law integration out of an abundance of caution.
We had reasonable cause to believe the Faster Law application had been compromised and was exporting data from shared Faster Law and Clio customers. Although we realized disabling the app would have a widespread and significant impact on the workflows of our shared customers, we prioritized the security of your data over the availability of the Faster Law integration. Although this was a difficult decision, it was the right one, and one I hope reinforces your trust in our ability to securely steward your data.
With the Faster Law integration and ongoing security risk eliminated, we launched an investigation into the security incident with the Faster Law team. We’ve since identified the source of the security incident, and received assurances from the Faster Law team that any data that was inappropriately accessed has been fully deleted. As part of our investigation, we also identified the underlying security issue in the design of Faster Law that permitted the access described above, and have worked with the Faster Law team to update their app to remove this potential security vulnerability.
As a result of these changes, as I mentioned above, we’re happy to let you know Faster Law has been re-enabled on the Clio integration ecosystem.
I want you to know we take nothing more seriously than our customer success, and we see nothing more integral to your success than the security of your client data. While I understand the actions we took this week caused you short-term pain, I hope you can understand we undertook this action in the interest of avoiding the long-term, irrecoverable pain of compromised data security.
In cooperation with the Faster Law team, we will continue to work tirelessly over the coming months to improve the reliability and security of the Faster Law integrations.
Our customers are at the core of every decision we make—even and especially the hard ones.
CEO and Co-founder of Clio