On February 27, 2021, law firm Campbell, Conroy & O’Neill learned of a widespread ransomware attack that affected the personal data of a number of their clients. Campbell serves well-known organizations across a variety of industries including Boeing, Pfizer, General Motors, and Home Depot. After learning of the ransomware attack, they notified the FBI and conducted an investigation with a third-party forensic team. The investigation allowed the team to identify who was affected during the attack and what information was accessed. Now that the investigation is coming to a close, they are releasing some of their finding and compromised information so that those affected can take necessary actions.
While investigators were unable to confirm if specific information was accessed during the attack, they were able to outline the data that could be at risk. The investigation concluded that this data included social security numbers, financial information, medical data, passport numbers, and more. As Campbell begins the remediation process and making updates to their cybersecurity practices, they are offering individuals who were affected in the attack 24 months of complementary identify and financial monitoring services. They also suggest people who are at risk place security freezes or fraud alerts on confidential information.
Learn more about the attack here.