US law firm Campbell hit by a ransomware attack

Visual representation of ransomware by showing encrypted files on a display

(Image credit: Shutterstock)

Campbell Conroy & O'Neil, P.C. (Campbell), a US law firm with scores of Fortune 500 companies as clients, has admitted to a data breach on its network.

The attack happened in February, but the law firm has only just made the incident public. In a statement, the law firm said it became aware of unusual activity on its network and launched an investigation that revealed ransomware impacted its network.

SonicWall warns of imminent ransomware campaign on VPN hardware How to reduce the risk of phishing and ransomware New ransomware group is attacking US firms and educational establishments 84% of organizations experienced phishing or ransomware attacks in the last year

Campbell collaborated with investigators to determine the full nature and scope of the event.

The firm’s client list includes many big-name companies worldwide, including Boeing, British Airways, Exxon, Pfizer, and Home Depot.

The law firm couldn’t confirm if hackers accessed or viewed any specific information relating to individuals. However, it determined the information present in the infected system included names, dates of birth, driver's license numbers, state identification numbers, financial account information, Social Security numbers, passport numbers, payment card information, and more.

As part of its commitment to the privacy of personal information in its care, Campbell said it would be “reviewing our existing policies and procedures and are working to implement additional safeguards to further secure our information systems.”

“As an added precaution, we are also offering twenty-four (24) months of complimentary access to credit monitoring, fraud consultation, and identity theft restoration services to individuals whose Social Security numbers or the equivalent were accessible as a result of this event,” the firm said.

RELATED RESOURCE

Security awareness training strategies for account takeover protection

Why you need an inside-the-perimeter strategy for internal threats

FREE DOWNLOAD

Skurio CEO Jeremy Hendy told IT Pro that it’s important for Campbell Conroy & O’Neil, P.C to proactively monitor the dark web and other underground forums to see if their data is being leaked, marketed, or sold online.

“Being first to know that their data is out there gives them time to investigate the incident and know if the ransomware group has exposed the data,” he said. “Behind the scenes, we strongly encourage any businesses suffering a breach to automatically react on the assumption sensitive data could be involved. Even if the data is not immediately shared or sold, it may surface long after the original breach occurred, resulting in difficult questions for the business to answer.”

Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.