As you know, some hacker (probably from Russia) attacked this site and shut it down. Apparently, the attack was so vicious my webhost had to intervene and restrict my site.
Ultimately, the hack resulted in me having to totally "dismantle" this site and upload a clean copy. Unfortunately, that wasn't easy, primarily because of a costly failure in one of my paid backup applications and my virus protection software.
Fortunately, I'm a stickler for redundant & ubiquitous backups, so getting up and running was a matter of unpacking a backup and uploading the site. The annoying part is that all of my categories and post tags were lost, something I'm willing to live with.
This event reiterated 2 important principles to me. First, stupid backups are important, and seemingly worthless backups are lifesavers. In other words, you can never have too many backups of your data. Second, safeguard those passwords as though they were your heart, and make them almost impossible to crack (longer than 10 characters).
My hacking event may have occurred because of a variety of reasons, but I believe a hole in an FTP program I used, plus a relatively simple (6 characters) FTP password caused the breach.
Not having any site backups would have been tragic. The same is true for your law firm's data. BACKUP your stuff right now! Once that's done, CHANGE YOUR PASSWORDS TO SOMETHING STRONG. You can use this site to generate a strong one. I'd recommend at least 12 characters with a mix of letters, case, and characters.
Don't delay, do it now.