Corporate America isn’t the only one experiencing hacking incidents. Law firms, too, can fall victim to cyberattacks. According to a recent New York Times report, federal law enforcement authorities are encouraging firms to report such attacks.

A February 2015 report by Citigroup’s cyberintelligence center highlighted the vulnerability of larger law firms’ networks and websites. According to the Times, the report stated that it’s reasonable to assume that firms can be targets of attacks because of the confidential corporate information they receive. The report also stated that it’s not possible to determine whether such attacks are on the rise due to most firms’ reluctance to report such incidents.

John P. Carlin, assistant attorney general for national security, urged lawyers at the American Bar Association’s conference in New Orleans to “promptly inform clients and law enforcement authorities of attacks that could compromise confidential information.” He asserted that firms should not see such breaches as a “badge of shame.”

The report also listed a number of firms and cyberattack incidents. Because the Citigroup unit did not give the named firms an opportunity to respond before the report was published, Citigroup issued a public apology and, according to a Times source, has stopped distributing it.