Law behemoth CMS claimed by LockBit ransomware


CMS, one of the world’s largest law firms, has been claimed by LockBit ransomware, with the attackers alleging a 500GB data theft.

The international law firm was posted on LockBit’s dark web blog, where the gang showcases its latest victims. The attackers claim to have taken “all confidential information in the USA.”

We’ve reached out to CMS for comment but did not receive a response before publishing.

ADVERTISEMENT

In the post announcing the supposed breach, the cybercrooks imply that they’ve stolen 500GB of data related to “financial and corporate crimes of clients.”

The data supposedly also holds information on CMS’s employees, the company’s tax and financial reports, and other data.

With a team of nearly 6,000 lawyers over 81 global offices, CMS is among the world’s largest law firms. The firm was created in 1999 after a merger of six Europe-based law firms.

CMS has been criticized in the UK for aiding Russian billionaires after Moscow launched a full-scale invasion of Ukraine.

The LockBit group first appeared on the ransomware scene sometime in late 2019. Since then, the gang has climbed to the top of the food chain, topping many lists in terms of victimized organizations.

The threat actors are said to have executed over 1,400 attacks against victims in the US and around the world, including Asia, Europe, and Africa.

ADVERTISEMENT