US legal eagles representing Apple, IBM, and more take 5 months to inform clients of ransomware data breach

Those affected get free protection services – but only if their Social Security numbers were exposed

Law firm Campbell Conroy & O'Neil has warned of a breach from late February which may have exposed data from the company's lengthy client list of big-name corporations including Apple and IBM.

The breach, which was discovered on 27 February 2021 when a ransomware infection blocked access to selected files on the company's internal systems, has been blamed on an unnamed "unauthorised actor."

At the time of writing, none of the usual suspects had claimed responsibility. For REvil, one of the biggest and most successful ransomware groups, that's no surprise: its websites have been down for a week and counting after a wide-ranging attack on IT management firm Kaseya and its clients.

While it's not yet known precisely what data was accessed during the breach, the system affected held a treasure trove including "certain individuals' names, dates of birth, driver's license numbers/state identification numbers, financial account information, Social Security numbers, passport numbers, payment card information, medical information, health insurance information, biometric data, and/or online account credentials (i.e. usernames and passwords)," the company confirmed in a statement regarding the attack.

"Campbell is committed to, and takes very seriously, its responsibility to protect all data entrusted to us," the company continued. "As part of our ongoing commitment to the privacy of personal information in our care, we are reviewing our existing policies and procedures, and are working to implement additional safeguards to further secure our information systems."

The company has also offered those affected a 24-month subscription to credit monitoring, fraud consultation, and identity theft restoration services – but only if they had their Social Security numbers held on the system. For those whose data did not include Social Security numbers, they get nothing bar the company's apologies.

Founded in 1983, Campbell boasts a laundry list of big clients across a range of industries including Ford, Toyota, Honda, and others in automotive; British Airways, Boeing, Continental Airlines, Gulfstream, and others in aerospace; Monsanto, Corning, Dow Chemical, and others in the chemical industry; Apple, IBM, Toshiba Information Systems, and others in computing; Exxon Mobil and BP-owned Amoco in oil; and others too numerous to mention across consumer products, heavy equipment and industrial machinery, insurance, medical and pharmaceutical, retail, transportation, and more.

In short: the impact of the breach could be felt by a huge number of companies, not just Campbell itself. Depending on what data was exposed, it could spell a repeat of the attack on Grubman Shire Meiselas & Sacks last year, which exposed client data belonging to A-list celebrities.

Campbell confirmed it had enlisted unnamed "third-party forensic investigators" to investigate the attack, and that it had informed the FBI of the breach. It did not, however, indicate why it had taken five months to alert its clients.

Campbell had not responded to a request for additional comment by the time of publication. ®

Send us news

FBI smokes ransomware Hive after secretly buzzing around gang's network for months

Uncle Sam doles out decryption keys to 300+ victims amid sting op

Finally, ransomware victims are refusing to pay up

Near 50% drop in extorted dosh ... or so it says here

LockBit brags it pumped ION full of ransomware

Crims put a February 4 deadline for software slinger to pay up

Been hit by BianLian ransomware? Here's your get-out-of-jail-free card

Avast issues a free decryptor so victims can get their data back

Former Ubiquiti dev pleads guilty in data theft and extortion case

Nickolas Sharp now faces up to 35 years in prison

Ransomware severs 1,000 ships from on-shore servers

Get your eyepatch out: Cyber attacks on the high seas are trending

LockBit: Sorry about the SickKids ransomware, not sorry about the rest

Blame it on the affiliate

The Guardian ransomware attack hits week two as staff told to work from home

UK data watchdog would like a word over failure to systems

Freedom for MegaCortex ransomware victims – the fix is out

Criminals hit 1,800 victims across 71 countries to the tune of $100m+

Rackspace blames ransomware woes on zero-day attack

Play gang blamed, ProxyNotShell cleared and hosted Exchange doomed

UK's Guardian newspaper breaks news of ransomware attack on itself

Reporters work from home as publication promises Thursday's print edition will hit newstands on time

Being one of the 1% sucks if you're a Rackspace user

Nearly three weeks and no email for customers