Exploit: Ransomware
Campbell Conroy & O’Neil, P.C. (Campbell): Law Firm
Risk to Business: 1.201= Extreme
Campbell Conroy & O’Neil, P.C. (Campbell), a law firm that counts dozens of Fortune 500 and Global 500 companies among its clientele, has disclosed a data breach following a February 2021 ransomware attack. The firm’s client list includes high-profile companies from various industry sectors, including automotive, aviation, energy, insurance, pharmaceutical, retail, hospitality, and transportation. At the time, it was unclear if client data had been stolen, but the investigation has since determined that client data was stolen.
Individual Risk: 1.963= Severe
The crooks made off with data about clients including names, dates of birth, driver’s license numbers, state identification numbers, financial account information, Social Security numbers, passport numbers, payment card information, medical information, health insurance information, biometric data. Usernames and passwords were also snatched. and/or online account credentials (i.e. usernames and passwords).” The firm24 months of free access to credit monitoring, fraud consultation, and identity theft restoration services to all individuals whose Social Security numbers or equivalent information was exposed during the attack
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business: This data about major companies and powerful business executives is cybercriminal gold and quickly saleable in the busy dark web data markets.
Source: Bleeping Computer