What do Ford, Exxon, Walgreens, Johnson & Johnson, Coca-Cola, and Boeing have in common, apart from being household names and worth billions of dollars? The answer is, they all use or have at some point used the services of the same law firm. The name of the firm is Campbell Conroy & O'Neil and it published a statement in mid-July, informing that it became the target of a ransomware attack in early 2021.
In late February 2021, the firm became aware of unauthorized activity on its network, hired external security experts to investigate, and realized parts of the network were infected with ransomware. An investigation began, involving federal authorities as well. The disclosure about the hack comes only now because the investigation revealed that the bad actors behind the attack accessed "certain information relating to individuals".
What is the purpose of Ransomware hackers attacking a law firm?
As usual, there is no hard evidence of what information exactly the hackers were able to access, but the affected systems contained names, birth dates, financial account information, as well as social security, health insurance, and biometric data. If that serves as any consolation, the data sets related to different individuals vary and not all of this information was available for each individual who had a data set associated with them on the firm's network.
In other recent events, REvil Ransomware hackers were responsible for hitting a high profile-client law firm, which included the clients of Elton John, Robert DeNiro, and Madonna. The latest attack could very well be a continuance of such an outbreak of ransomware attacks.
To help minimize any potentially harmful actions and misuse of any information possibly obtained by the bad actors in the attack, the law firm offered two full years of free credit monitoring, as well as fraud consultation and "identity theft restoration services" for anyone affected by the data leak associated with the ransomware attack.
A security expert working with German security company comforte AG called the incident "discomforting", highlighting the huge amounts of sensitive information that law firms work with and the dangers of this information being used against the firms themselves, to extort money from them, or against the people that it belongs to.