
The Federal Bureau of Investigation (FBI) is reportedly conducting an investigation into a series of cyberattacks targeting prominent U.S. law firms. According to sources briefed on the matter, the attacks are alleged to have been carried out by Chinese hackers.
The FBI's Washington field office is leading the probe into these sophisticated network intrusions, which raise significant concerns about the security of sensitive legal and corporate information.
One of the firms, Williams & Connolly, acknowledged that it had been targeted by a cyberattack, the New York Times reported on Tuesday, citing two people briefed on the matter. The firm stated that hackers gained unauthorized access to a limited number of its attorney email accounts.
The Williams & Connolly breach was executed by leveraging what the firm described as a zero-day attack, and the hackers are “believed to be affiliated with a nation-state actor responsible for recent attacks on a number of law firms and companies.”
Despite the intrusion into email accounts, Williams & Connolly reported there is no evidence that confidential client data was extracted from other parts of its IT infrastructure, including databases where client files are stored. The firm has since taken measures to block the threat.
“During the incident, a small number of Williams & Connolly attorney email accounts were accessed by leveraging what is known as a zero-day attack,” the firm told The New York Times.
“Importantly, there is no evidence that confidential client data was extracted from any other part of our IT system, including from databases where client files are stored.”
While Williams & Connolly did not attribute the attack to China, the FBI investigation comes against a long-standing backdrop of U.S. officials raising alarms over state-sponsored hacking. For years, U.S. authorities have alleged that China-linked hacking groups are actively engaged in cyber espionage, often with the goal of stealing valuable intellectual property from American corporations.
The targeting of law firms, which hold vast amounts of confidential client data, represents a significant vector for such intelligence-gathering operations. The Chinese embassy has not yet commented on the allegations.
A September report tracking BRICKSTORM malware activity, attributed to UNC5221 (which partially overlaps with Silk Typhoon) and closely related suspected China-nexus threat clusters, stated that Mandiant Consulting has responded to intrusions since March 2025, most notably in the legal services sector.
Most recently, a July report said China's Salt Typhoon hacked the National Guard. In April, TechNadu reported on a critical Ivanti VPN vulnerability allegedly exploited in the wild by espionage group UNC5221.