alphv attacks Podhurst Orseck

Incident Date:

July 12, 2022

World map



alphv attacks Podhurst Orseck


Podhurst Orseck




Miami, USA

Florida, USA

First Reported

July 12, 2022

Podhurst Orseck Targeted by Alphv Ransomware Group

Podhurst Orseck, a law firm with over 50 years of trial and appellate advocacy experience, has been targeted by the Alphv ransomware group. The attack was announced on the group's dark web leak site. The firm, which operates in the Law Firms & Legal Services sector, has a significant presence in South Florida and handles litigation in various states, countries, and jurisdictions.

Company Size and Industry Standout

Founded in 1967, Podhurst Orseck is a well-established law firm known for its trial and appellate advocacy experience across a broad range of substantive and procedural topics. The firm has garnered a reputation for its expertise in aviation litigation, having handled hundreds of aviation-related cases. Notably, it is the only firm to have tried a Commercial Part 121 case to verdict in more than two decades. Podhurst Orseck's work has also influenced aviation safety regulations and operations, with the Federal Aviation Administration revising its safety guidelines following findings from cases handled by the firm.

Vulnerabilities and Targeting

Law firms, including Podhurst Orseck, have increasingly become targets for ransomware groups due to the sensitive data they manage. The Alphv group's attack involved exfiltrating data before demanding a ransom, a tactic that has become more prevalent in recent years. Such attacks can be particularly devastating given the sensitivity of the data law firms possess.

The incident with Podhurst Orseck highlights the critical need for law firms to prioritize cybersecurity, especially during the discovery process where sensitive information is often concentrated. Security-minded legal professionals are now taking a closer look at their discovery processes, limiting the amount of data that leaves their control, and opting for encrypted, highly-secure, closed-loop systems for their most sensitive documents.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.