Donut Leaks Ransomware Gang Targets Jacklyn Dawson Solicitors

The Donut Leaks ransomware gang has attacked Jacklyn Dawson Solicitors. Jacklyn Dawson Solicitors is a law firm headquartered in Newport, Wales. Donut Leaks posted Jacklyn Dawson Solicitors to its data leak site on May 23rd, claiming to have stolen 400GB of data. Jacklyn Dawson Solicitors has neither confirmed nor denied the incident.

Origins of Donut Leaks

Researchers first identified the Donut Leaks extortion group when an employee of one of the victims revealed that the corporate network had been breached by threat actors seeking to steal data. After successfully pilfering the data, the threat actors proceeded to email the victims' business partners and employees with URLs to their Tor extortion sites.

How Donut Leaks Operates

These Tor sites consist of two components: a shaming blog and a data storage site. Visitors to these sites can freely browse and download all the stolen and leaked data. The stolen data storage server operates using the File Browser application, enabling visitors to navigate through the stolen data categorized by victim. It remains unclear whether the threat actors deploy ransomware during their network breaches or if they solely operate as a data extortion group.

Connections to Other Ransomware Gangs

However, Sheppard Robson, a victim, did disclose that their recent attack involved ransomware. Researchers also believe that Donut Leaks could be an offshoot of the Ragnor Locker and Hive ransomware gangs.