Orrick, Herrington & Sutcliffe, a major international law firm, had attackers roaming parts of its network for over two weeks earlier this year.
The law firm informed affected individuals that unauthorized third-parties roamed portions of its network between February 28th and March 13th of 2023. Orick claims that malicious actors accessed a file share that the company used to store “certain client files.”
“Upon detection, we took immediate steps to block the unauthorized access and an investigation of the incident was launched with the support of the leading cybersecurity experts,” the law firm said in a breach notification to affected individuals.
According to details Orick submitted to the Maine Attorney General, 461,100 people were affected by the breach. Attackers may have access to law firm clients’ driver’s license numbers or non-driver ID card numbers.
Orick said that while the law firm “is not aware of any misuse” of individuals’ data, it will offer all impacted individuals identity monitoring services. People whose data may have been accessed are also advised to stay vigilant about any suspicious activity concerning credit reports or health insurance.
The San Francisco headquartered Orrick employs over 1,000 attorneys throughout over 20 offices globally. The law firm enjoyed revenue of nearly $1.4 billion in 2022, putting it among the largest in the world in terms of revenue.
More from Cybernews:
Subscribe to our newsletter