Offshore law firm Appleby suffered a cyber attack last year in which client data was stolen.

Clients are now bracing themselves for what could be a second "Panama Papers" style leak.

The International Consortium of Investigative Journalists has approached the firm with allegations of wrongdoing, which it strongly denies.

LONDON – Super-rich clients of offshore law firm Appleby are bracing themselves for the exposure of their financial secrets, after the firm admitted data had been stolen in a cyber attack last year.

The law firm, which has offices in territories including Bermuda, admitted it was "not infallible" and said some client data had been stolen in the hack, but denied any wrongdoing. The International Consortium of Investigative Journalists (ICIJ) has since approached the firm with allegations of wrongdoing, after it was handed data obtained in the hack, which Appleby strongly refutes.

Appleby said in a statement it did not tolerate "illegal behaviour," and said the ICIJ's allegations were "unfounded and based on a lack of understanding of the legitimate and lawful structures used in the offshore sector." The firm said it had investigated the allegations "thoroughly and vigorously," and was satisfied there was no evidence of wrongdoing "either on the part of ourselves or our clients."

The ICIJ and its media partners are reportedly planning to publish a series of stories based on the allegations.

The news comes 18 months after the release of the so-called "Panama Papers" breach, in which 11.5 million documents were leaked from law firm Mossack Fonseca. The leak led to a series of high-profile scandals, including the resignation of the Prime Minister of Iceland after it was alleged he had hidden millions of dollars-worth of investments in an offshore shell company.

Appleby, which has branches in tax havens including the Cayman Islands and British Virgin Islands, specialises in advising high-net worth individuals as well as public and private companies. Its clients are said to include FTSE 100 and Fortune 500 companies, and the individuals affected by the leak are reported to be among the richest in the UK.

Appleby also criticised the ICIJ for using data that had been "obtained illegally." The firm said it had reviewed its cyber security arrangements since last year's hack, and was now "confident that our data integrity is secure."

Data breaches at law firms are a growing concern, since emails — in which confidential documents tend to be sent — are frequently un encrypted. As well as being leaked, such information can be sold by hackers to third parties, to be used in crimes such as insider trading.