Wiley Rein Faces Class Action Over Cyberattack Linked to China
Severity: High (Score: 72.1)
Sources: Legal.Economictimes.Indiatimes
Keywords: class, action, wiley, rein, suit, hits, over
Summary
Wiley Rein LLP is facing a class action lawsuit due to a cyberattack that allegedly exposed sensitive personal data of individuals unrelated to the firm. The breach, attributed to hackers linked to the Chinese government, reportedly allowed access to the firm's Microsoft 365 email systems from July 2024 to March 2025, with the intrusion discovered on June 13, 2025. The lawsuit claims that the firm failed to implement adequate cybersecurity measures, such as multi-factor authentication, leading to the exposure of names, addresses, Social Security numbers, and financial information. Plaintiffs allege that many affected individuals had no prior relationship with the firm and did not consent to the storage of their data. Furthermore, the firm delayed notifying impacted individuals for nearly nine months after discovering the breach, which plaintiffs argue resulted in significant personal losses. The lawsuit seeks class-action certification, monetary damages, and reforms to the firm's cybersecurity practices.

Key Points:
- Wiley Rein LLP's email systems were compromised for eight months by hackers linked to China.
- Sensitive personal data of individuals with no relationship to the firm was exposed.
- The firm delayed notifying affected individuals for nearly nine months after discovering the breach.
Detailed Analysis
**Impact** The breach affected an unspecified number of individuals, including many with no direct relationship to Wiley Rein LLP, exposing sensitive personal data such as names, addresses, dates of birth, financial account numbers, medical information, and Social Security numbers. The intrusion lasted from July 22, 2024, to March 18, 2025, with discovery on June 13, 2025, and notification delayed until March 2026. One plaintiff reported at least 19 fraudulent charges on a MetLife account after notification, indicating potential financial fraud. The incident impacts individuals nationwide in the United States and poses significant privacy and financial risks.

**Technical Details** The attackers gained prolonged unauthorized access to Wiley Rein’s Microsoft 365 email systems for approximately eight months. The breach is linked to threat actors affiliated with the Chinese government. The firm allegedly failed to implement multi-factor authentication and adequate employee cybersecurity training. No specific malware, CVEs, or infrastructure details were disclosed in the articles.

**Recommended Response** Organizations should enforce multi-factor authentication on all email and cloud services immediately and conduct comprehensive employee cybersecurity training. Monitor for unusual access patterns and unauthorized data exfiltration within Microsoft 365 environments. Review and align cybersecurity practices with FTC guidance and the NIST Cybersecurity Framework 2.0. No specific IOCs or patches were provided; defenders should focus on detection of prolonged unauthorized access and timely breach notification protocols.
Source articles (2)
- Class action suit hits Wiley Rein over alleged China — Legal.Economictimes.Indiatimes · 2026-05-28
  Wiley Rein LLP faces a class action lawsuit alleging a cyberattack exposed sensitive personal data of individuals with no direct relationship to the firm. Hackers reportedly accessed Microsoft 365 ema…
- Class action suit hits Wiley Rein over alleged China — Legal.Economictimes.Indiatimes · 2026-05-28
  A has been filed against in the US District Court for the District of Columbia, accusing the Washington-based law firm of failing to protect sensitive personal data that was allegedly exposed in a cyb…
Timeline
- 2024-07-22 — Cyberattack on Wiley Rein begins: Hackers gained access to the firm's Microsoft 365 email systems, initiating a prolonged breach.
- 2025-03-18 — Cyberattack on Wiley Rein ends: The unauthorized access to the firm's systems continued until March 2025 without detection.
- 2025-06-13 — Breach discovered: Wiley Rein discovered the cyberattack, revealing the extent of the data exposure.
- 2026-03-01 — Affected individuals notified: Wiley Rein took nearly nine months to inform impacted individuals about the breach.
- 2026-05-28 — Class action lawsuit filed: A lawsuit was filed against Wiley Rein in the US District Court for the District of Columbia.
Related entities
- Data Breach (Attack Type)
- Wiley Rein (Company)
- Wiley Rein LLP (Company)
- CWE-200 - Exposure of Sensitive Information (CWE)
- T1041 - Exfiltration Over C2 Channel (MITRE ATT&CK)
- T1567 - Exfiltration Over Web Service (MITRE ATT&CK)
- Microsoft 365 (Platform)