Washington, D.C. — One of America’s most prestigious law firms, Williams & Connolly, has reported a major cybersecurity breach linked to Chinese hackers, according to individuals familiar with the matter. The incident is part of a broader campaign targeting multiple U.S. law firms and technology companies in recent months.
The FBI’s Washington field office has launched an investigation into the breach and similar cyberattacks carried out by the same group of Chinese hackers. Officials believe that over a dozen law firms may have been compromised through advanced techniques exploiting “zero-day” vulnerabilities — previously unknown security flaws that hackers can use before developers patch them.
Williams & Connolly, known for representing high-profile clients such as Bill and Hillary Clinton, informed clients that attackers had gained access to a limited number of attorney email accounts. In its statement, the firm confirmed that a small portion of emails might have been exposed but emphasized that there was no evidence of confidential client data being stolen from core databases.
“During the incident, a small number of Williams & Connolly attorney email accounts were accessed by leveraging a zero-day attack,” the firm stated. “Importantly, there is no evidence that confidential client data was extracted from any other part of our IT system.”
The law firm said it has taken immediate steps to block the intruders and restore network security. Cybersecurity firm CrowdStrike and law firm Norton Rose Fulbright have been hired to lead the response and assist in the ongoing investigation.
Reports from cybersecurity company Mandiant indicate that Chinese hackers have been conducting a sustained espionage campaign since early 2025. Their primary targets include legal and software sectors in the U.S., with the goal of collecting information related to national security and international trade.
“Based on our investigation, the threat actor is believed to be affiliated with a nation-state responsible for recent cyberattacks on law firms and corporations,” Williams & Connolly said.
The FBI has yet to issue a public statement, but sources confirm that federal authorities are working closely with affected firms to identify vulnerabilities and prevent further breaches.
Experts warn that law firms remain prime targets due to their access to sensitive corporate and political information. The Williams & Connolly incident underscores the growing sophistication of Chinese hackers and the increasing urgency for cybersecurity measures across the U.S. legal industry.
In other news also read about Scams Explode As Job Seekers Face Rising Online Fraud
