Allen & Overy has suffered a cyber attack in what is being reported on social media to be by ‘ransomware as a service’ (RaaS) group Lockbit. According to posts on X (previously Twitter), Lockbit has posted a ransom demand on the dark web, set to expire on 28 November.
Allen & Overy said in a statement shared with Legal IT Insider: “We have experienced a data incident impacting a small number of storage servers. Investigations to date have confirmed that data in our core systems, including our email and document management system, has not been affected. The firm continues to operate normally with some disruption arising from steps taken to contain the incident.”
The Magic Circle firm has not confirmed who carried out the attack.
According to the Cybersecurity and Infrastructure Security Agency, in 2022, LockBit was the most deployed ransomware variant across the world and continues to be prolific in 2023. LockBit’s RaaS model sees affiliates recruited to conduct ransomware attacks using LockBit ransomware tools and infrastructure. Due to the large number of unconnected affiliates in the operation, LockBit ransomware attacks vary significantly in tactics, techniques, and procedures, which presents a challenge for organisations seeking to prevent such attacks.
The incident comes just shortly after Allen & Overy confirmed its high profile merger with Shearman & Sterling is going ahead.
‘The Allen & Overy spokesperson added: “Our technical response team, working alongside an independent cybersecurity adviser, took immediate action to isolate and contain the incident.
“Detailed cyber forensic work continues to investigate and remediate the incident. As a matter of priority, we are assessing exactly what data has been impacted, and we are informing affected clients.
“We appreciate that this is an important matter for our clients, and we take this very seriously.
“Keeping our clients’ data safe, secure, and confidential is an absolute priority.”