Australian partners silent on Allen & Overy cyberattack
Four days after global law firm Allen & Overy suffered a cyberattack on its storage systems, the firm’s Australian arm will not say whether client data has been affected, or if it has informed local authorities.
The Australian partnership said they had “nothing further to add” when contacted by The Australian Financial Review, as a notorious Russian-linked group of hackers threatens to release Allen & Overy documents on the dark web.
A listing on LockBit’s ‘shaming site’ threatening to publish Allen & Overy data from November 28.
The London-based firm, which has approximately 25 partners and 130 fee-earning lawyers in Australia, experienced a “data incident” last week, the Financial Times first reported on Thursday British time (Friday AEDT).
Allen & Overy said in a global statement on Thursday that “as a matter of priority, we are assessing what data has been impacted, and we are informing affected clients”.
Russian group LockBit, which last week released internal data from Boeing and hacked into the US subsidiary of a Chinese state-owned bank, ICBC, claimed responsibility for the attack on its “shaming site”.
Cybersecurity specialists also suspect that LockBit was responsible for Saturday’s attack on port operator DP World.
The group has threatened to release Allen & Overy documents on the dark web from November 28.
Josh Lemon, a response director at cybersecurity firm Uptycs, said that LockBit was the world’s “most prolific” ransomware group by number of victims, and earned an average ransom payment exceeding $US1 million ($1.6 million) in 2022.
The group is well-known for following through on threats to release stolen documents, Mr Lemon said.
Allen & Overy said that the attack impacted a “small number” of its
Read more on afr.com
