(Photo: Diego M. Radzinschi/ALM)

After three full days without phones and email following a cyberattack across Europe, DLA Piper’s U.S. operation is back up and running. 

The malicious software that caused the outage, called Petya, is thought to have originated in tax software used by companies and accountants in Ukraine. Once on a computer, the virus locked users out of that device’s data and asked for a $300 ransom payment. 

The software update carrying the virus came on June 27—in the middle of the night for the United States—and spread through computers across DLA Piper’s network. The bug may not have reached as many firm computers stateside, since not all would have been connected online outside work hours. But email and phone service at the firm appeared to be down across the firm’s U.S. offices until Friday.

Now services have been restored, according to two U.S. partners. 

Other well-known businesses with connections in Eastern Europe, including the shipping company Maersk and drugmaker Merck, were affected too. Baker McKenzie, one of the world’s largest law firms, was able to confine the breach to one infected computer in Kiev before it spread further, The Wall Street Journal reported

The rest of DLA Piper may not yet be so lucky. As of 2:30 p.m. Friday, the firm still had an update for clients posted on its website describing how the firm was at work to restore its systems. Even with the United States back online, the firm’s web blackout constrained lawyers throughout this week. Another Wall Street Journal report noted how DLA Piper lawyers requested deadline extensions from courts in at least five civil cases.

The firm said it had no evidence that its confidential information and client data were breached.

A DLA Piper spokesperson did not immediately respond to a request for an update Friday afternoon.

Experts have speculated that the software used in this attack could be more devastating than originally thought, making it impossible to recover data. However, law firms may not face that level of catastrophe, because they back up their systems regularly, according to cybersecurity consultants at Nisos Group, which counsels corporations and boards about attacks.

If there are more extensive cyberattacks, especially ones that wipe data from systems, in the future, “a law firm is likely to be a target. And it’s likely to be an existential event,” said Justin Zeefe, co-founder of Nisos Group.

“A legal firm in the U.S. is sort of an unfortunate bystander” in this week’s attack, Nisos colleague Doug Shepherd said.