Allen & Overy A&O cyber attack

Allen & Overy (A&O) has confirmed it has suffered a cyber attack after reports its data had been accessed by the ransomware gang LockBit. 

The London-based legal giant revealed it had “experienced a cyber security incident impacting a small number of storage servers” after social media posts claimed LockBit ransomware hackers had accessed the company's systems and were threatening to publish data from the firm’s files.

The firm has not yet confirmed if LockBit is indeed behind the breach – or which data may have been stolen by the perpetrators – but it said that data in its core systems has not been affected. 

“Investigations to date have confirmed that data in our core systems, including our email and document management system, has not been affected,” A&O said in a statement on Thursday.

“As a matter of priority, we are assessing exactly what data has been impacted, and we are informing affected clients. The firm continues to operate normally with some disruption arising from steps taken to contain the incident.”

‘All available data will be published!’ 

News of the attack came after a post on X by the security firm FalconFeeds claimed LockBit had added Allen & Overy to their victim list. 

The post claimed that LockBit would publish the ‘magic circle’ law firm’s data on November 28, 2023. It provided screenshots of a dark web post from LockBit warning that “all available data will be published” unless a ransom is paid.

Screenshot posted on X by FalconFeeds.io shows LockBit dark web post.

Hacker groups like LockBit target companies and governments with ransomware that disables access to computer systems, often demanding payments to release private data or restore computer systems. 

The Russia-linked group attacked Royal Mail earlier this year, causing server disruption across six sites in the country and threatened to publish or block access to the postal service’s data unless it received a payment. It more recently hit the UK Ministry of Defence, leaking top-secret information belonging to the Ministry on the dark web. 

A number of law firms have also been targeted by ransomware hackers over the years, including a major attack on DLA Piper, which was hit by Petya ransomware in 2017. Several law firms including Kirkland & Ellis were reportedly hit by a ransomware group earlier this year as well.

“Our technical response team, working alongside an independent cyber security adviser, took immediate action to isolate and contain the incident,” A&O said. 

“We appreciate that this is an important matter for our clients, and we take this very seriously. Keeping our clients’ data safe, secure, and confidential is an absolute priority. The firm continues to operate normally with some disruption arising from steps taken to contain the incident.”