If cyber researchers can find an exposed database of legal documents like this, then so can the bad guys. 

If you rely on a third party to manage documents (or any other form of sensitive data), it's essential to actively 'trust but verify' that they are protecting your sensitive material ... through monitoring, audits, or other mechanisms.