alphv attacks KKJM Lawfirm

Incident Date: Jul 23, 2022

Attack Overview

VICTIM

KKJM Lawfirm

INDUSTRY

Law Firms & Legal Services

LOCATION

USA

ATTACKER

Alphv

FIRST REPORTED

July 23, 2022

Request Removal

KKJM Law Firm Targeted by Alphv Ransomware Group

Overview of the Attack

The Alphv ransomware group has claimed responsibility for an attack on KKJM Law Firm, a New Jersey-based litigation firm established in 1991. With a team comprising five dedicated attorneys and a robust support staff, KKJM Law Firm provides a plethora of legal services, including personal injury, criminal defense, elder law, and workers' compensation law.

This incident is part of a concerning trend of ransomware attacks that involve not only the encryption of data but also its exfiltration. The attackers threaten to make the data public unless a ransom is paid. This specific type of attack, known as Maze ransomware, is particularly insidious as it demands two ransoms: one for decrypting the data and another for ensuring its deletion.

The Significance of Targeting Law Firms

Law firms are particularly attractive targets for cybercriminals due to the sensitive nature of the data they handle. During the discovery process, for instance, sensitive information is amassed in on-premises systems, which are often outdated and lack adequate protection. In the breach of KKJM Law Firm, the attackers accessed highly sensitive data, including personal injury case diaries, fee agreements, and HIPAA consent forms.

The public disclosure by the Alphv ransomware group, including details such as the date of infiltration, the total volume of data stolen, and the IP addresses and machine names of the servers accessed, underscores the severity of the breach. This incident highlights the critical need for stringent data security practices, a lesson underscored by the $200,000 fine levied against Heidell, Pittoni, Murphy & Bach (HPMB) for inadequate data security measures following a ransomware attack.

Implications and Consequences

The attack on KKJM Law Firm is a stark reminder of the importance of robust data security measures. The legal sector, with its wealth of confidential information, must prioritize the protection of sensitive data to avoid the potentially devastating consequences of such breaches.

Sources

Kitrick, McWeeney & Wells, LLC. (n.d.). New Jersey Law Firm | Kitrick, McWeeney & Wells, LLC.
Logikcull. (2020, October 29). Maze Ransomware Hits Law Firms Hard-And It's Worse Than Ever Before.

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.