Prevent publication
US firm Weil Gotshal is the latest law firm to fall victim to a cyber attack after it was reportedly forced to pay a ransom in the double-digit millions to prevent the publication of confidential client data.
According to The Insurer (£), Weil paid between $18 and $20 million (£13 and £15 million) to cyber extortion group Luna Moth, who threatened to publish stolen confidential client data to an external cloud storage site.
Whilst Weil has not commented on whether it coughed up the cash, the report claims it paid the amount within three days of the demand.
In a statement, a firm spokesperson said:
“Weil, Gotshal & Manges LLP recently responded to a cyber incident involving a threat actor and the unauthorized uploading of a limited number of client documents to an external cloud storage site. Upon discovering the incident, we immediately activated our response protocols, took preventative containment measures, and launched an investigation with the support of third-party cybersecurity professionals. We also notified law enforcement.”
Weil said forensic investigations found that the attacker never accessed Weil’s network and that the incident did not disrupt operations. Ongoing monitoring has detected no unauthorised activity.
The spokesperson continued: “Our priority is, and always has been, our clients. We appreciate the trust they place in us to safeguard their confidences. We have contacted the clients whose information was involved in this incident and have taken a number of steps in response to the incident consistent with our constant focus on protecting our clients’ information.”
This news comes after fellow US firm Jones Day was targeted by hackers earlier this year, when the attackers reportedly stole confidential files relating to to 10 clients.