By Sean Lyngaas, CNN

(CNN) — Suspected Chinese government-backed hackers have breached computer systems of US law firm Williams & Connolly, which has represented some of America’s most powerful politicians, as part of a larger spying campaign against multiple law firms, according to a letter the firm sent clients and a source familiar with the hack.

The cyber intrusions have hit the email accounts of select attorneys at these law firms, as Beijing continues a broader effort to gather intelligence to support its multi-front competition with the US on issues ranging from national security to trade, multiple sources have told CNN.

The hackers in this case used a previously unknown software flaw, coveted by spies because it allows for stealth, to access Williams & Connolly’s computer network, said the letter sent to clients this week and reviewed by CNN. The letter did not name the hackers responsible, but the source familiar with the hack told CNN that Beijing was the prime suspect.

“Given the nature of the threat actor, we have no reason to believe that the data will be disclosed or used publicly,” the letter said, in a hint that the intruder was focused on espionage rather than extortion.

CNN has reached out to the Chinese Embassy in Washington, DC for comment.

Liu Pengyu, a spokesperson for the embassy, told CNN in response to a separate hacking allegation last month: “China firmly opposes and combats all forms of cyber attacks and cybercrime.”

It was not immediately clear which Williams & Connolly attorneys or clients were affected by the hack.

Williams & Connolly is known for its politically influential clientele and a storied bench of courtroom lawyers. The firm has represented Bill and Hillary Clinton; corporate clients, including tech, health care and media companies; and white-collar criminal defendants like Theranos founder Elizabeth Holmes.

A Williams & Connolly spokesperson declined to answer questions on who was responsible for the hack.

The hackers are “believed to be affiliated with a nation-state actor responsible for recent attacks on a number of law firms and companies,” Williams & Connolly said in a statement to CNN. “We have taken steps to block the threat actor, and there is now no evidence of any unauthorized traffic on our network.”

Another prominent US law firm hit by suspected Chinese hackers is Wiley Rein, CNN reported in July. With clients that span the Fortune 500, Wiley Rein is a powerful player in helping US companies and the government navigate the trade war with China.

The suspected Chinese hackers have been rampant in recent weeks, also hitting the cloud-computing firms that numerous American companies rely on to store key data, experts at Google-owned cybersecurity firm Mandiant have told CNN. In a sign of how important China’s hacking army is in the race for tech supremacy, the hackers have also stolen US tech firms’ proprietary software and used it to find new vulnerabilities to burrow deeper into networks, according to Mandiant.

The Chinese government routinely denies allegations that it conducts hacking operations, often pointing to alleged US operations targeting Chinese entities and accusing Washington of a “double standard.”

At any given time, the FBI has multiple investigations open into China’s elite hacking teams, which US officials consider the biggest state-backed cyber threat to American interests.

CNN has requested comment from the FBI.

“Law firms are prime targets for nation-state threat actors because of the complex, high-stakes issues they handle,” said Sean Koessel, co-founder of cybersecurity firm Volexity, which has investigated Chinese digital spying campaigns.

“Intellectual property, emerging technologies, international trade, sanctions, public policy, to name a few,” Koessel told CNN. “In short, they hold a wealth of sensitive, non-public information that can offer significant strategic advantage.”

CNN’s Katelyn Polantz contributed to this report.

The-CNN-Wire
™ & © 2025 Cable News Network, Inc., a Warner Bros. Discovery Company. All rights reserved.