Gleason Flynn Emig McAfee Targeted by Black Basta Ransomware

Incident Date: Nov 19, 2024

Attack Overview

VICTIM

Gleason, Flynn, Emig & McAfee

INDUSTRY

Law Firms & Legal Services

LOCATION

USA

ATTACKER

Blackbasta

FIRST REPORTED

November 19, 2024

Request Removal

Ransomware Attack on Gleason, Flynn, Emig & McAfee: A Closer Look

Gleason, Flynn, Emig & McAfee (GFEM), a prominent law firm based in Rockville, Maryland, has recently fallen victim to a ransomware attack orchestrated by the notorious Black Basta group.

About Gleason, Flynn, Emig & McAfee

Founded in 1983, GFEM specializes in defending employers, insurers, and large self-insured entities against claims in Maryland and the District of Columbia. The firm is recognized for its expertise in complex civil litigation, particularly in healthcare and construction sectors. With a team of 1 to 50 employees, GFEM is known for its focused niche in insurance defense and litigation, setting it apart from broader service law firms.

Attack Overview

The ransomware attack resulted in the encryption of approximately 550GB of data, affecting corporate data, personal folders, and confidential client information. Despite the breach, GFEM's website and contact information remain operational. The firm's leadership, including founders Jim Gleason and Mike Flynn, have yet to issue public statements regarding the incident.

Black Basta: The Ransomware Group

Emerging in April 2022, Black Basta operates as a Ransomware-as-a-Service (RaaS) provider, employing double extortion tactics. The group is known for targeting high-value sectors such as healthcare and finance, leveraging sophisticated techniques to infiltrate systems. Black Basta's operations are characterized by their closed affiliate model, ensuring high standards in execution and security.

Potential Vulnerabilities

GFEM's specialization in handling sensitive legal matters makes it an attractive target for ransomware groups like Black Basta. The firm's reliance on confidential client data and its operational dependencies increase its susceptibility to such attacks. Black Basta likely penetrated GFEM's systems through spear-phishing or exploiting known vulnerabilities, a common tactic in their modus operandi.

Implications for the Legal Sector

This attack underscores the critical need for enhanced cybersecurity measures within the legal industry. As law firms continue to manage sensitive data, they must remain vigilant against evolving cyber threats. The incident at GFEM serves as a stark reminder of the potential risks and the importance of proactive defense strategies.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.