Two giants of the banking and legal sectors have been breached by suspected ransomware actors, according to reports.
Allen & Overy is one of the UK’s “Magic Circle” law firms. It released a statement yesterday revealing a “data incident” impacting a “small number of storage servers.”
Although the firm did not name ransomware as the cause, one user on X (formerly Twitter) posted a screenshot appearing to show the firm’s listing on the leak site of prolific ransomware-as-a-service (RaaS) group LockBit.
According to that screenshot, the company has until November 28 to pay a ransom or the group will leak whatever data it claims to have exfiltrated.
Allen & Overy sought to play down the severity of the incident.
“Investigations to date have confirmed that data in our core systems, including our email and document management system, has not been affected. The firm continues to operate normally with some disruption arising from steps taken to contain the incident,” it said.
“Our technical response team, working alongside an independent cybersecurity adviser, took immediate action to isolate and contain the incident.”
The firm added that it is both assessing what data was taken and notifying affected clients.
Read more on LockBit: Boeing Investigates LockBit Ransomware Breach Claims
EasyDMARC CEO, Gerasim Hovhannisyan, cited the case of legal firm Ince Group, which went into administration after a serious ransomware breach, as illustrative of the dangers of cyber-attacks.
“Coming on the heels of the collapse of the Ince Group, this recent attack on another law firm is illustrative of the growing cyber-threat faced by legal institutions,” he added. “As organizations trusted with such sensitive data, it is imperative that cybersecurity measures are treated as a top priority by those in charge.”
In related news, reports suggest that the US arm of banking giant The Industrial and Commercial Bank of China (ICBC) was also hit by ransomware yesterday.
Experts believe LockBit is also behind that attack, although the firm has yet to appear on its leak site. It’s unclear if data was stolen but the breach disrupted trades on Thursday, according to Reuters.
“With the rising severity, sophistication and frequency of cyber-attacks, often involving human error, companies urgently need to rethink their approach to ransomware defense,” argued Oz Alashe, founder and CEO of CybSafe.
“It's not just about technology – people-centric strategy is crucial. This means inspiring and measuring behavioral change, going beyond basic security awareness and training to improve security posture.”