ALPHV attacks BC Attorney

Incident Date:

May 29, 2023

World map



ALPHV attacks BC Attorney


BC Attorney




New York, USA

New York, USA

First Reported

May 29, 2023

BC Attorney Hit by Ransomware Attack

BC Attorney, a US-based law firm, has been hit with a ransomware attack. BlackCat ransomware gang has claimed responsibility for the attack, posting BC attorney to its data leak site. The ransomware group claims to have stolen 390GB of company data from the company’s file servers, including:

  • Internal company data such as employee’s personal data, CV’s, DL’s, ID’s SSNs,
  • Financial reports,
  • Insurance data,
  • Credit card information, and
  • Loan data.

BC Attorney has not yet commented on the incident, and it is unclear what BlackCat is demanding and when the ransom deadline will be.

About BlackCat Ransomware

BlackCat, also known as ALPHV, is a ransomware operation that first surfaced in November 2021. It is a possible rebrand of the DarkSide ransomware gang, which was responsible for the infamous Colonial Pipeline incident in 2021. BlackCat is somewhat of a pioneer in ransomware circles, hosting their data leak site on the public internet rather than the dark web.

The Growing Threat to Law Firms

The attack comes amidst a flurry of ransomware attacks on law firms, which primarily succeed through phishing scams or vulnerabilities associated with email systems. Many cybersecurity professionals are calling for law firms to invest more into cybersecurity tooling and awareness training programmes to protect against the growing cybercrime problem.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.