Global Law Firm Breached & Data Stolen

International law firm Allen & Overy (A&O) has suffered a “data incident” and parts if its corporate network affected, as a consequence of an attack by the prolific LockBit ransomware group. 

The London-based legal firm has disclosed it “experienced a cyber security incident impacting a small number of storage servers” after social media posts claimed LockBit  hackers had accessed the company systems and were threatening to publish data from the firm’s files. 

“We have experienced a data incident impacting a small number of storage servers,” an A&O spokesperson said.
“Investigations to date have confirmed that data in our core systems, including our email and document management system, has not been affected,” AO said in a statement.  The company also said it “took immediate action to isolate and contain the incident” and that an outside cybersecurity advisor was brought in to help assess “exactly what data has been impacted.” 

Threat intelligence platform FalconFeeds.io first posted about the LockBit claim November 7th on TwitterX, along with a screenshot showing A&O listed on the group’s dark leak site. “LockBit #ransomware group had added Allen & Overy to their victim list. They claim to publish the data on November 28th, 2023,” the TwitterX post stated.

The firm continues to operate normally with limited disruption due to the containment procedures, A&O said. The company said it would be informing affected clients while forensic investigations and remediation takes place. “We appreciate that this is an important matter for our clients, and we take this very seriously. Keeping our clients’ data safe, secure, and confidential is an absolute priority,” the spokesperson said.

Law Firms Increasingly Targeted by Hackers

Britain's National Cyber Security Centre has issued a threat report to law firms earlier this  year identifying that law forms are increasingly targeted by hackers aiming to steal sensitive documents . Last year, the Solicitors Regulation Authority for England and Wales, warned law firms that their growing dependence on technology as a result of remote working  following the Covid lockdown had created "more opportunities for cybercriminals."

In comment, Gerasim Hovhannisyanthe CEO of data protection firm EasyDMARC said "...his recent attack on another law firm is illustrative of the growing cyber threat faced by legal institutions. As organisations trusted with such sensitive data, it is imperative that cyber security measures are treated as a top priority by those in charge."

Other law forms were also claimed on LockBit’s victim blog in recent weeks with many of them facing ransom deadlines to retrieve their data from the threat of publication on the Dark Web. 

FalconFeeds:     A&O:    Reuters:      Cybernews:       FNLondon:        Law.com:     NCSC

LegalCheek:     EM360:

You Might Also Read: 

Criminal Records Office Hit By A "Cyber Incident”:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Halting The Rise Of Ransomware
Attack On Chinese Bank Disrupts Financial Trading »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

iXsystems

iXsystems

iXsystems is a leader in Open-Source enterprise server and storage solutions including Backup & Recovery to protect critical data.

Red Hat

Red Hat

Red Hat is a leader in open source software development. Our software security team proactively identifies weaknesses before they become problems.

OneLogin

OneLogin

OneLogin simplifies identity management with secure, one-click access,for employees, customers and partners, through all device types, to all enterprise cloud and on-premise applications.

Cyber Security Recruiters

Cyber Security Recruiters

Cyber Security Recruiters is a niche recruiting firm who finds impact players for our clients in the Information Security Space.

CLUSIL

CLUSIL

CLUSIL is an association for the information security industry in Luxembourg.

CERT.LV

CERT.LV

CERT.LV is the national Computer Emergency Response Team for Latvia.

Datacom Systems

Datacom Systems

Datacom Systems is a leading manufacturer of network visibility solutions.

AlAnsari Technical Solutions (ATS)

AlAnsari Technical Solutions (ATS)

ATS is a Kuwait based company specialised in delivering hardware/software, Virtualisation, IP Telephony / Unified Communication, Networking and professional IT services and solutions.

Commvault

Commvault

Commvault's data protection and information management solutions help companies protect, access and use all of their data, anywhere and anytime.

PCCW Global

PCCW Global

PCCW Global is a leading communications service provider, offering mobility, voice and data solutions to multinational enterprises, telecomms partners, cloud and application service providers.

Sec3

Sec3

Sec3 is a security and research firm providing bespoke audits and cutting edge tools to Web3 projects.

TIM Enterprise

TIM Enterprise

TIM Enterprise offers innovative, sustainable and secure 360-degree digital solutions to companies and public administrations.

FastPassCorp

FastPassCorp

In the world of IT, identity theft is a growing concern. FastPass offers an innovative solution as a cloud or on-premises offering.

Aurascape AI

Aurascape AI

Aurascape is working on advanced cybersecurity solutions powered by grounds-up generative AI architecture.

DeltaSpike

DeltaSpike

DeltaSpike empowers individuals and organizations worldwide through its comprehensive cybersecurity solutions.

ViroSafe

ViroSafe

ViroSafe is a leading value-added distributor of IT security solutions in Norway.