Seyfarth Shaw LLP is an international AmLaw 100 law firm headquartered in Chicago, Illinois, its clients include over 300 of the Fortune 500 companies, and its practice reflects virtually every industry and segment of the economy.
Seyfarth Shaw announced it was the victim of an “aggressive malware” attack, but the media immediately reported a ransomware infection later confirmed by the firm.
According to a statement published by the company, the attack took place on October 10, 2020.
“On October 10, 2020, Seyfarth was the victim of a sophisticated and aggressive malware attack. At this time, our email system remains down.” reads the statement published by the company.
“We understand that a number of other entities were simultaneously hit with this same attack. Our monitoring systems detected the unauthorized activity, and our IT team acted quickly to prevent its spread and protect our systems.”
The firm confirmed that many of its systems were encrypted and it is not aware of unauthorized access to its client or firm data,
“We have found no evidence that any of our client or firm data were accessed or removed.” continues the statement. “However, many of our systems were encrypted, and we have shut them down as a precautionary measure.”
The company notified law enforcement and it is supporting the investigation conducted by the FBI.
The firm added that an undisclosed number of companies was hit “simultaneously” by the same threat actors.
At the time of this post, the law firm did not disclose details about the attack, it is not clear the family of ransomware that hit the company and the extent of the security incident.
In the past other law firms suffered ransomware attacks, sometimes with dramatic consequences for their business like the Mossack Fonseca case.
In May, the Sodinokibi ransomware gang has stolen gigabytes of legal documents from the law firm of the stars, Grubman Shire Meiselas & Sacks (GSMLaw). In June 2017, the global law firm DLA Piper experienced severe issues at its systems after a ransomware attack.
(SecurityAffairs – hacking, Seyfarth Shaw)