Article 67YD6 SEC Sues Law Firm for Client List in the Hafnium Cyberattack

SEC Sues Law Firm for Client List in the Hafnium Cyberattack

by
mrpg
from SoylentNews on (#67YD6)

upstart writes:

SEC sues law firm for client list in the Hafnium cyberattack:

The US Securities and Exchange Commission (SEC) has sued international law firm Covington & Burling for details about 298 of the biz's clients whose information was accessed by a Chinese state-sponsored hacking group in November 2020.

The data theft in question is the now-infamous Microsoft Exchange attack in which Hafnium exploited four zero-day vulnerabilities in the email platform to steal data from US-based defense contractors, law firms, and infectious disease researchers.

Covington was one of the breached law firms, and the intrusion gave the Beijing-backed cyberspies access to some of Covington's clients that are regulated by the US agency.

"Covington has admitted that a foreign actor intentionally and maliciously accessed the files of Covington's clients, including companies regulated by the Commission," the lawsuit says [PDF]. "In light of this reported breach, the Commission is seeking to determine whether the malicious activity resulted in violations of the federal securities laws to the detriment of investors."

Original Submission

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments