Hackers breach prominent Washington Law Firm
Learn More
Washington, D.C.-based law firm Williams & Connolly, representing some of America's most powerful politicians and Fortune 500 corporations are reporting a cybersecurity breach orchestrated by hackers as part of a broader intelligence-gathering campaign targeting multiple U.S. law firms.
The breach exploited a previously unknown software vulnerability to gain unauthorized access to the firm's computer network. It affected email accounts belonging to select attorneys at Williams & Connolly.
The firm claims that a small number of attorney email accounts were accessed during the incident and that there is no evidence confidential client data was extracted from central databases where client files are stored. Exposed data includes:
- Email communications from select attorney accounts
- Potentially sensitive client information contained within email accounts
- Information related to high-profile political and corporate clients
The number of affected individuals is not disclosed. Williams & Connolly has hired cybersecurity company CrowdStrike and law firm Norton Rose Fulbright to assist with its investigation and remediation efforts.
The FBI's Washington Field Office is investigating this incident as part of a broader probe into similar infiltrations of prominent U.S. law firms by suspected Chinese hackers. The hackers are suspected of breaching the networks of more than a dozen other law firms and technology companies in recent months.
Update - as of 1st of Decemer 2025, Williams & Connolly began mailing data breach notification letters to impacted individuals and is providing affected individuals with a list of the specific types of sensitive information impacted and 24 months of complimentary credit monitoring services. No details about exposed data or affected individuals is disclosed.
