21 July 21, 11:21
Quote:Campbell Conroy & O’Neil, P.C. – U.S. law firm to a dazzling array of huge companies – told its star-studded clientele that an intruder may have groped their data. It was hit with ransomware in February and is now suffering the data-breach fallout.
That client list spans a slew of industries and includes the likes of Apple, Boeing, British Airways, Chrysler, Exxon Mobil, Fisher-Price, Ford, Honda, IBM, Jaguar, Monsanto, Toyota and US Airways – to name just a few.
On Friday, the firm said in a press release that it realized on Feb. 27 that it got hit by what turned out to be a ransomware attack.
Campbell didn’t mention which ransomware gang claimed responsibility. None of the big ransomware groups had claimed the conquest as of Tuesday morning.
Unfortunately for the firm’s clients, there are a whole lot of ransomware organizations that like to pull double-extortion attacks: First the attackers lock up their victims’ systems, then they threaten to leak the compromised data or use it in future spam attacks if their ransom demands aren’t met. The trend started in late 2019 with Maze operators and was quickly picked up by the crooks behind the Clop, DoppelPaymer and Sodinokibi (aka REvil) ransomware families.
Data breaches resulting from ransomware attacks are rife these days: The fashion label Guess, for one, last week was dealing with a breach after having suffered from a February ransomware attack linked to Colonial Pipeline attackers DarkSide.
It’s going to be tough going for Campbell if it turns out to be REvil, given that the gang’s servers slipped offline last week, leaving victims stuck mid-negotiation without a way to pay a ransom or get decryption keys to unlock their files and restart their businesses. Ditto for DarkSide: Its servers shut down in May.
Read more: Law Firm to the Fortune 500 Breached with Ransomware | Threatpost