Allen & Overy has been removed from the website of ransomware group LockBit, according to a person with knowledge of the situation.
The hacker group, which is one of the most notorious in the world and is viewed as having strong links to Russia, lists organisations that it is holding to ransom on its website on the dark web.
The removal comes the day before the deadline which the hackers had set—November 28—after which they threatened to publish confidential data which A&O confirmed lived on “a small number” of their storage servers.
The law firm confirmed it had been the victim of a cyber attack on November 9. A&O appeared on LockBit’s list of targets on its website, and a deadline of November 28 was given for the firm to pay a ransom to recover that data which the group claimed to have stolen.
A&O has now been taken off this website along with the reference to the November 28 deadline, the person said, although it is unclear what the significance of this is. It could mean the firm has paid a ransom or it could mean negotiations are ongoing, the person added.
A&O declined to comment beyond its original statement. When news of the attack broke the firm said: “As a matter of priority, we are assessing exactly what data has been impacted, and we are informing affected clients.”
Expert calculations had put the potential sum that A&O could pay out to the hackers at as much as £62 million—or 3% of the firm’s turnover, though they added that would potentially be a “starting point” for the hackers’ demands.
Writing on LinkedIn, cyber security expert Andy Watkin-Child wrote: “Did they pay the ransom, or are they negotiating?”
He added: “Being between a rock and a hard place is an understatement. There will never be a guarantee that data is protected, not made public or used”.
