CMM, LLP Targeted by Ransomware Group Cuban

CMM, LLP, a law firm operating in the Law Firms & Legal Services sector, has been targeted by the ransomware group Cuban. The attack was announced on the group's dark web leak site, and the victim's website is http://www.cmmcpas.com/. The company, which was formerly known as Cohen, Miskei & Mowrey, LLP, is based in Sacramento, California.

CMM, LLP is a mid-sized law firm that offers services in business management, litigation, and tax. The firm has been in operation for several years and has built a reputation for providing high-quality legal services to its clients. However, the attack by Cuban has exposed vulnerabilities in the firm's cybersecurity defenses, which have made it a target for threat actors.

The ransomware attack on CMM, LLP is part of a new wave of attacks where law firm data is not just encrypted and held for ransom, but also released to the public if the ransom is not paid. This type of attack, known as Maze ransomware, is particularly troubling because it involves the exfiltration of data before encryption, which can lead to sensitive information being made public.

The attack on CMM, LLP highlights the need for law firms to strengthen their data security measures to protect their clients' sensitive information. The firm, like many others in the legal industry, has been identified as a valuable target for hackers due to the sensitivity of the data they handle.

The ransomware attack on CMM, LLP is a reminder of the importance of robust cybersecurity measures in the legal industry. Law firms must prioritize data protection and implement comprehensive information security programs to safeguard their clients' information from potential threats.

Sources

• CMM, LLP. (n.d.). Employee Portal. Retrieved April 10, 2024, from http://www.cmmcpas.com/
• Reddit. (2024, March 4). Sacramento law firm sues for $1 million after falling prey to ransomware attack. Retrieved April 10, 2024, from https://www.reddit.com/r/msp/comments/1b6jldx/sacramento_law_firm_sues_for_1_million_after/
• YouTube. (2024, March 10). Law Firm Sues IT Provider Over Ransomware Attack. Retrieved April 10, 2024, from https://www.youtube.com/watch?v=xKbs_iB4CI0
• Legal Fuel. (2024, March 6). Prominent Sacramento law firm sues for $1 million after falling prey to ransomware attack. Retrieved April 10, 2024, from https://www.legalfuel.com/prominent-sacramento-law-firm-sues-for-1-million-after-falling-prey-to-ransomware-attack-guest-post/
• Logikcull. (2024). Ransomware Hits Law Firms Hard-And It's Worse Than Ever Before. Retrieved April 10, 2024, from https://www.logikcull.com/blog/maze-ransomware-law-firms
• The Record. (2023, March 27). Law firm fined $200,000 over 'poor data security' that led to ransomware attack. Retrieved April 10, 2024, from https://therecord.media/new-york-law-firm-hpmb-fined-data-breach-ransomware