Cybersecurity
Hackers gained entry to ‘small quantity’ of legal professional emails at Williams & Connolly, agency confirms
October 9, 2025, 12:46 pm CDT
Williams & Connolly has confirmed that hackers accessed “a small quantity” of its legal professional emails however mentioned there is no such thing as a proof of additional entry to its data expertise system. (Picture from Shutterstock)
Williams & Connolly has confirmed that hackers accessed “a small quantity” of its legal professional emails however mentioned there is no such thing as a proof of additional entry to its data expertise system.
The legislation agency mentioned it lately found the incident in statements offered to Regulation.com, Law360 and the New York Instances.
“Williams & Connolly lately found a cybersecurity incident involving entry to sure programs on our community. Throughout the incident, a small variety of Williams & Connolly legal professional electronic mail accounts have been accessed by leveraging what is called a zero-day assault,” the agency mentioned. “Importantly, there is no such thing as a proof that confidential shopper knowledge was extracted from another a part of our IT system, together with from databases the place shopper recordsdata are saved.”
Regulation.com explains {that a} “zero-day assault” is a breach that exploits a safety vulnerability earlier than a patch or an replace fixes the difficulty.
Williams & Connolly mentioned hackers are “believed to be affiliated with a nation-state actor accountable for current assaults on quite a few legislation corporations and firms.” The agency mentioned it has taken steps to dam the menace actor, “and there may be now no proof of any unauthorized site visitors on our community.”
A warning issued final month mentioned hackers with ties to the Chinese language authorities have focused corporations, together with software program and expertise industries. The hackers are looking for data associated to U.S. nationwide safety and worldwide commerce from corporations, in line with the warning by cybersecurity firm Mandiant, a subsidiary of Google’s Risk Intelligence Grou.
Write a letter to the editor, share a narrative tip or replace, or report an error.
