Kellerhals Ferguson Kroblin Hit by BianLian Ransomware Attack

Incident Date: Nov 21, 2024

Attack Overview

VICTIM

Kellerhals Ferguson Kroblin PLLC

INDUSTRY

Law Firms & Legal Services

LOCATION

USA

ATTACKER

Bianlian

FIRST REPORTED

November 21, 2024

Request Removal

Ransomware Attack on Kellerhals Ferguson Kroblin PLLC by BianLian Group

On November 22, 2024, the law firm Kellerhals Ferguson Kroblin PLLC fell victim to a ransomware attack orchestrated by the threat actor BianLian. The attack resulted in the exposure of approximately 170GB of sensitive data, including clients' personal information, employees' personal data, accounting data, network users' folders, and mailboxes. Sample screenshots were leaked as proof of the breach, posing potential legal and financial risks for the firm.

Victim Profile

Kellerhals Ferguson Kroblin PLLC is a full-service business law firm operating primarily in the U.S. Virgin Islands and New York. The firm specializes in corporate transactions, tax planning and controversy, real estate, civil litigation, and probate and estate planning. Notably, the firm assists businesses relocating to the U.S. Virgin Islands through the Economic Development Commission's tax incentive program, offering significant tax benefits to attract new businesses to the region.

Vulnerabilities and Targeting

Kellerhals Ferguson Kroblin PLLC's focus on legal services and handling sensitive information made them a prime target for threat actors like the BianLian ransomware group. The firm's small headcount and specialized expertise in business law may have made them more vulnerable to cyber attacks, as they may have limited resources dedicated to cybersecurity measures.

BianLian Ransomware Group

The BianLian ransomware group has gained notoriety for its sophisticated tactics and evolving strategies since its emergence in mid-2022. The group targets sectors like healthcare, legal services, engineering/construction, and manufacturing, focusing on industries where data breaches can have severe consequences. BianLian distinguishes itself through its exfiltration-based extortion model, advanced command and control methods, and persistence in maintaining access to compromised systems.

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.