Goldman & Peterson Law Firm Hit by RansomHub Ransomware Attack

Incident Date: Aug 16, 2024

Attack Overview
VICTIM
Goldman & Peterson, Plc
INDUSTRY
Law Firms & Legal Services
LOCATION
USA
ATTACKER
Ransomhub
FIRST REPORTED
August 16, 2024

RansomHub Ransomware Attack on Goldman & Peterson, PLLC

Goldman & Peterson, PLLC, a San Antonio-based law firm specializing in insurance defense, has become the latest victim of a ransomware attack by the RansomHub group. The attackers claim to have exfiltrated 2.5 TB of sensitive data and have threatened to publish it within the next week.

About Goldman & Peterson, PLLC

Goldman & Peterson, PLLC is a law firm known for its expertise in insurance defense, particularly in personal injury and commercial vehicle accident cases. The firm, led by experienced attorneys Larry J. Goldman and Gregory J. Peterson, has built a reputation for handling complex litigation involving significant liability and damages assessments. Their deep understanding of state and federal regulations related to trucking and insurance litigation sets them apart in the legal industry.

Operating as a small to mid-sized firm, Goldman & Peterson offers personalized legal services, focusing on achieving favorable outcomes for their clients. Their successful track record in defending against bad faith claims and securing substantial jury awards underscores their proficiency in this specialized field.

Attack Overview

The ransomware group RansomHub has claimed responsibility for the attack on Goldman & Peterson, PLLC. According to the group's dark web leak site, they have accessed and exfiltrated 2.5 TB of the firm's data. The attackers have issued a threat to publish the stolen data within 6 to 7 days if their demands are not met.

About RansomHub

RansomHub is a relatively new player in the ransomware landscape, believed to have roots in Russia. Operating as a Ransomware-as-a-Service (RaaS) group, RansomHub affiliates receive 90% of the ransom payments, with the remaining 10% going to the main group. The group has targeted various sectors across multiple countries, including the US, Brazil, Indonesia, and Vietnam.

RansomHub's ransomware strains are written in Golang, a programming language that has gained popularity among cybercriminals for its efficiency and cross-platform capabilities. This choice of language indicates a trend towards more sophisticated and versatile ransomware attacks.

Potential Vulnerabilities

Law firms like Goldman & Peterson are attractive targets for ransomware groups due to the sensitive nature of the data they handle. The firm's extensive involvement in high-stakes insurance litigation means that any data breach could have significant legal and financial repercussions. Additionally, the firm's reliance on digital records and communications may have provided multiple entry points for the attackers.

Sources

Disclaimer

The Halcyon Attacks Lookout Database is compiled using publicly available information based on the hosting choices of real-world threat actors and data from a variety of trackers. This information is provided in accordance with principles of fair use. Halcyon has made reasonable efforts to sanitize and verify the data; however, we do not guarantee the accuracy, completeness, or reliability of the information provided. Updates to the database are made as new source data becomes available from reputable sources.  By accessing, viewing, or using the information within the Halcyon Attacks Lookout Database, you acknowledge and agree to do so entirely at your own risk. No reliance should be placed upon the information for decision-making, and Halcyon disclaims all liability for any inaccuracies or omissions in the data.

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.