alphv attacks MDR Law

Incident Date:

February 18, 2022

World map



alphv attacks MDR Law






chicago, USA

Illinois, USA

First Reported

February 18, 2022

MDR Law Suffers Ransomware Attack by Alphv Group

MDR Law, a prominent Chicago-based personal injury law firm, has recently fallen victim to a ransomware attack orchestrated by the Alphv group, as disclosed on a dark web leak site. Specializing in the Law Firms & Legal Services sector, MDR Law boasts a significant track record, securing over $250 million in verdicts and settlements for their clients. This includes notable cases such as a $38.6 million settlement for a severely injured plaintiff and a $22.2 million jury verdict for an individual who suffered a traumatic brain injury after being ejected from a motorized cart.

The firm's stature and success have rendered it an attractive target for cybercriminals. MDR Law's dedication to personal injury law, combined with a client-focused approach emphasizing open communication, empathy, and personalized attention, presents a lucrative opportunity for attackers seeking to exploit sensitive information or inflict reputational damage. Furthermore, the firm's extensive trial experience and history of representing clients in diverse cases, ranging from car accidents to medical malpractice, have likely contributed to its visibility among ransomware groups.

Increasing Ransomware Threats to the Legal Sector

The legal industry is experiencing a surge in ransomware attacks, with nearly 75% of the UK's top-100 law firms having been impacted by cyberattacks. Law firms are repositories of sensitive data, including personal, corporate, trade secrets, and medical records, making them prime targets for cybercriminals. The ethical obligation of law firms to safeguard their clients' confidential information further amplifies the potential repercussions of a successful cyberattack.

Strategies for Protecting Law Firm Data

To defend against ransomware and other cyber threats, law firms should prioritize the security of their most sensitive data. Implementing endpoint detection and response (EDR) and security information and event management (SIEM) tools are critical steps in enhancing cybersecurity defenses. Additionally, having a robust incident response plan is essential for mitigating the impact of potential breaches. Adhering to basic cybersecurity practices, such as enabling multi-factor authentication (MFA), regularly updating software, and exercising caution with unsolicited communications, can significantly reduce the risk of a successful cyberattack.

The ransomware attack on MDR Law underscores the imperative for law firms to fortify their cybersecurity measures. By taking proactive steps to protect sensitive information, law firms can mitigate the risk of reputational damage and ensure the trust of their clients remains intact.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.