As a law firm, getting hacked is bad enough. But one Pennsylvania law firm learned an even harder lesson when it sued Bank of America to recover client funds stolen by hackers. In O’Neill v. Bank of America, a federal judge dismissed a law firm’s claim that its bank bore ultimate responsibility after one of the firm’s shareholders unwittingly transferred $580,000 from the firm’s IOLTA account to computer hackers in Hong Kong. While the hackers were, “of course…the real culprit[s],” the court announced that “as between the law firm and the bank, the firm must bear the loss. The law firm’s hacking and court’s decision in O’Neill present important lessons for Kentucky practitioners about cybersecurity.