alphv attacks KELLY,REMMEL&ZIMMERMAN first part

Incident Date:

March 23, 2022

World map



alphv attacks KELLY,REMMEL&ZIMMERMAN first part






Portland, USA

Maine, USA

First Reported

March 23, 2022

Ransomware Attack on Kelly, Remmel & Zimmerman

Company Overview

Kelly, Remmel & Zimmerman (KRZ), a prominent law firm based in Portland, Maine, has been targeted by the ransomware group alphv. This incident was disclosed on the group's dark web leak site, pinpointing KRZ's official website as the compromised entity.

KRZ is renowned for its comprehensive legal services catered to both individuals and businesses. The firm prides itself on its team of seasoned counselors, litigators, researchers, mediators, and educators. These professionals are celebrated for their intellectual agility, keen insight, expertise, creativity, responsiveness, proactivity, integrity, flexibility, and commitment. Operating within a culture that cherishes collegiality, respect for others, professionalism, and community service, KRZ has established itself as a beacon in the legal services sector.

Industry Standout

The firm distinguishes itself by offering an extensive array of legal services, including litigation, mediation, and education. KRZ's adaptability to work across various courts and directly with clients in their homes and businesses further solidifies its standing in the legal community.


The ransomware attack underscores the digital vulnerabilities faced by law firms today. With the legal sector's growing dependence on technology for communication, data storage, and client management, firms like KRZ become prime targets for cybercriminals. This particular incident reveals that attackers were able to exploit a weakness in KRZ's digital defenses, leading to the ransomware compromise.

The breach at Kelly, Remmel & Zimmerman underscores the critical need for heightened cybersecurity measures within the legal services industry. It is imperative for law firms to fortify their digital infrastructure and adopt comprehensive security strategies to thwart future cyber threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.