Cybersecurity
Ransomware Explainer Thumb GFX 071321
CNN/John General/Atom Smasher
Now playing
04:04
Here's everything you need to know about ransomware
Lior Div CEO Cybereason
Now playing
04:43
Cybersecurity CEO: 'More targeted ransomware attacks' by Russia coming
This photo taken on August 4, 2020 shows Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, using his computer at their office in Dongguan, China's southern Guangdong province. - From a small, dingy office tucked away in an industrial city in southern China, one of China's last "volunteer hacker" groups maintains a final outpost in its patriotic hacking war. (Photo by NICOLAS ASFOURI / AFP) / TO GO WITH China-hacking-security,FOCUS by Laurie Chen / The erroneous mention[s] appearing in the metadata of this photo by NICOLAS ASFOURI has been modified in AFP systems in the following, we removed the HOLD HOLD HOLD in the main caption. Please immediately remove the erroneous mention[s] from all your online services and delete it (them) from your servers. If you have been authorized by AFP to distribute it (them) to third parties, please ensure that the same actions are carried out by them. Failure to promptly comply with these instructions will entail liability on your part for any continued or post notification usage. Therefore we thank you very much for all your attention and prompt action. We are sorry for the inconvenience this notification may cause and remain at your disposal for any further information you may require. (Photo by NICOLAS ASFOURI/AFP via Getty Images)
This photo taken on August 4, 2020 shows Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, using his computer at their office in Dongguan, China's southern Guangdong province. - From a small, dingy office tucked away in an industrial city in southern China, one of China's last "volunteer hacker" groups maintains a final outpost in its patriotic hacking war. (Photo by NICOLAS ASFOURI / AFP) / TO GO WITH China-hacking-security,FOCUS by Laurie Chen / The erroneous mention[s] appearing in the metadata of this photo by NICOLAS ASFOURI has been modified in AFP systems in the following, we removed the HOLD HOLD HOLD in the main caption. Please immediately remove the erroneous mention[s] from all your online services and delete it (them) from your servers. If you have been authorized by AFP to distribute it (them) to third parties, please ensure that the same actions are carried out by them. Failure to promptly comply with these instructions will entail liability on your part for any continued or post notification usage. Therefore we thank you very much for all your attention and prompt action. We are sorry for the inconvenience this notification may cause and remain at your disposal for any further information you may require. (Photo by NICOLAS ASFOURI/AFP via Getty Images)
NICOLAS ASFOURI/AFP/AFP via Getty Images
Now playing
02:18
How your device could be at risk of 'one of the most serious' cyber security threats
The new Microsoft Surface Pro 3 tablet with detachable keyboard and pen for writing on the screen after it was unveiled May 19, 2014 in New York. Microsoft unveiled the Surface Pro 3 tablet at an event in New York on Tuesday, as it attempts to fuel interest in its struggling tablet line amid increasing competition. The Intel Core-powered tablet measures 0.36 inches thick, boasts a 12-inch screen and weighs just under 2 pounds.
The new Microsoft Surface Pro 3 tablet with detachable keyboard and pen for writing on the screen after it was unveiled May 19, 2014 in New York. Microsoft unveiled the Surface Pro 3 tablet at an event in New York on Tuesday, as it attempts to fuel interest in its struggling tablet line amid increasing competition. The Intel Core-powered tablet measures 0.36 inches thick, boasts a 12-inch screen and weighs just under 2 pounds.
Stan Honda/AFP/Getty Images
Now playing
03:23
Microsoft's VP of Security: The future is paswordless
SocialProof Security CEO Rachel Tobac uses social engineering to hack CNN tech reporter Donie O'Sullivan's accounts.
SocialProof Security CEO Rachel Tobac uses social engineering to hack CNN tech reporter Donie O'Sullivan's accounts.
Graphics: John General/CNN
Now playing
03:29
SolarWinds CEO: Cyber threats need community vigilance
A person uses Windows software
A person uses Windows software
Shutterstock
Now playing
00:53
Microsoft urges Windows users to install update
Staff enter the headquarters of information technology firm Kaseya in Miami, Florida, U.S., in an undated still image from video. Kaseya/Handout via REUTERS NO RESALES. NO ARCHIVES. THIS IMAGE HAS BEEN SUPPLIED BY A THIRD PARTY.
Staff enter the headquarters of information technology firm Kaseya in Miami, Florida, U.S., in an undated still image from video. Kaseya/Handout via REUTERS NO RESALES. NO ARCHIVES. THIS IMAGE HAS BEEN SUPPLIED BY A THIRD PARTY.
Kaseya via Reuters
Now playing
01:41
Kaseya: The massive ransomware attack compromised up to 1,500 businesses
FireEye CEO Kevin Mandia
Now playing
06:43
FireEye CEO: Digital currency enables cybercrime
screengrab Elliptic
screengrab Elliptic
Elliptic
Now playing
03:18
See how cybersecurity experts trace ransom payments
This photo taken on August 4, 2020 shows Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, using his computer at their office in Dongguan, China's southern Guangdong province. - From a small, dingy office tucked away in an industrial city in southern China, the Red Hacker Alliance -- one of China's most well-known patriotic "hacktivist" groups -- maintain battle in the country's nationalistic online war. (Photo by NICOLAS ASFOURI / AFP)
This photo taken on August 4, 2020 shows Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, using his computer at their office in Dongguan, China's southern Guangdong province. - From a small, dingy office tucked away in an industrial city in southern China, the Red Hacker Alliance -- one of China's most well-known patriotic "hacktivist" groups -- maintain battle in the country's nationalistic online war. (Photo by NICOLAS ASFOURI / AFP)
NICOLAS ASFOURI/AFP/AFP via Getty Images
Now playing
02:42
White House urges companies to take cyberattack threat more seriously
Fuel tanks are seen at Colonial Pipeline Baltimore Delivery in Baltimore, Maryland on May 10, 2021.
Fuel tanks are seen at Colonial Pipeline Baltimore Delivery in Baltimore, Maryland on May 10, 2021.
Jim Watson/AFP/Getty Images
Now playing
01:47
Cybersecurity expert: Defense isn't perfect in this game
Arvind Krishna IBM CEO
Now playing
02:47
IBM CEO: Cybersecurity needs to be a collective effort led by government
Rob ross still 1
CNN
Now playing
05:14
A hacker stole $1 million from him by tricking his cell phone provider
SocialProof Security CEO Rachel Tobac uses social engineering to hack CNN tech reporter Donie O'Sullivan's accounts.
SocialProof Security CEO Rachel Tobac uses social engineering to hack CNN tech reporter Donie O'Sullivan's accounts.
Graphics: John General/CNN
Now playing
04:35
Watch how a social engineering hack works
BERLIN, GERMANY - JUNE 22: In this photo Illustration hands typing on a computer keyboard on June 22, 2016 in Berlin, Germany. (Photo Illustration by Thomas Trutschel/Photothek via Getty Images)
BERLIN, GERMANY - JUNE 22: In this photo Illustration hands typing on a computer keyboard on June 22, 2016 in Berlin, Germany. (Photo Illustration by Thomas Trutschel/Photothek via Getty Images)
Thomas Trutschel/Photothek/Photothek via Getty Images
Now playing
01:43
I report on technology. And I got hacked.
CNN Business  — 

A major law firm with name-brand clients in over a dozen sectors of the economy was hit by ransomware in February, it said, in a breach that may have leaked Social Security numbers, health insurance information and even biometric data.

In a disclosure on its website, Campbell Conroy & O’Neil said the hackers encrypted and accessed a system that contains sensitive personal information, though it is unclear how much of the actual data was accessed or stolen. However, “certain information relating to individuals” was accessed, the company said.

01 laptop keyboard STOCK
Shutterstock

New ransomware attack targets key IT vendor

“We determined that the information present in the system included certain individuals’ names, dates of birth, driver’s license numbers / state identification numbers, financial account information, Social Security numbers, passport numbers, payment card information, medical information, health insurance information, biometric data, and/or online account credentials (i.e. usernames and passwords),” the firm said in its disclosure. “Please note that the information varies by individual and for many individuals, a limited number of data types were determined to be accessible.”

According to its website, Campbell Conroy & O’Neil serves a large array of Fortune 500 companies, including Ford, Boeing, Exxon Mobil, Quest Diagnostics, Liberty Mutual, Johnson & Johnson, Walgreens, Monsanto, FedEx and Coca-Cola, among others.

The hack was first detected on Feb. 27, sparking an investigation, the firm said in its disclosure.

In recent months, cybercriminals have increasingly targeted organizations that play critical roles across broad swaths of the US economy. A high-profile attack against Colonial Pipeline in May disrupted fuel shipments to gas stations all along the east coast, prompting widespread panic buying. A cyberattack against JBS Foods led to a temporary shutdown of all nine of its US beef processing plants. And an attack against a key software vendor hit a wide range of IT management companies and compromised hundreds of their corporate clients.