The Power of One Document: A True Story

It seems that many of us are guilty of judging the severity of a hack, leak or theft of information by how much information was stolen. The theft of a million customer records is worse than the theft of a few thousand, to be sure, but when it comes to documents, quantity should not always be the way we measure how damaging the theft will be. Someone might steal every “public” document from an organization, and that would pale in comparison to someone who steals just one document that could cause irreparable harm.

Many years ago, while I was exhibiting at a trade show in Essen, Germany, I received a panicked phone call from my largest client—a major global law firm with over 50 offices spanning six continents.

The crisis stemmed from a document that had been leaked. It contained damning opinions from some of the firm’s partners about the Board of Directors of their largest client. This document detailed personal indiscretions of board members, such as affairs, alcoholism, and other sensitive matters. To make matters worse, this document had made its way to the press in the city where the client was headquartered, resulting in public scandal.

Upon investigation, it was revealed that the document had no security measures in place, meaning anyone in the firm could access it. Luckily, access logs were available, and the culprit was identified. However, the damage was done.

Enraged, the client delivered an ultimatum: every document related to them must be secured immediately. On Monday morning, they would audit the system. Failure to meet their demands would result in the client terminating their relationship with the law firm.

This happened on a Thursday.

The law firm was in a dire situation. With documents spread across 50+ offices worldwide and limited technology at the time (this was the late 1990s or early 2000s), remote fixes were not feasible. They asked me to come to their main office and help.

At the time, the firm had purchased one of my software solutions, WincWall, an ethical wall system designed to ensure compliance and secure sensitive documents. However, despite having the solution, they had never installed it.

I arrived Thursday night. I immediately installed and configured WincWall to secure all documents related to the client. By Monday morning, the system was ready.

That morning, a team of the client’s auditors in tailored suits arrived at the firm’s office. They performed rigorous tests: random document checks across offices, logging in as different users with different access rights, running database reports, and attempting every possible way to break the security of their documents.

The result? The law firm passed with flying colors. The client relationship was saved.

This experience taught me a valuable lesson: it takes just one stolen document to put an entire organization at risk—no matter how large or powerful it may be.