alphv attacks Waller Law

Incident Date:

March 1, 2022

World map



alphv attacks Waller Law


Waller Law




St Suite, USA

Nashville, USA

First Reported

March 1, 2022

Waller Law Firm Targeted by AlphV Ransomware Group

The AlphV/Black Cat ransomware group has claimed responsibility for an attack on Waller Law, a prominent entity in the Law Firms & Legal Services sector. At the time of investigation, the firm's official website was down, displaying a connection failure error message, which underscores the severity of the cyberattack.

Understanding the Target

While specific details about Waller Law's operations, size, and potential cybersecurity vulnerabilities remain scarce, the legal industry's general landscape provides some insights. Law firms are increasingly becoming prime targets for cybercriminals, primarily due to the wealth of sensitive information they manage. This data, ranging from personal client details to confidential case files, presents a lucrative opportunity for ransomware groups.

The Rise of Cyberattacks in the Legal Sector

The legal sector's susceptibility to cyber threats has been on an upward trajectory, with a notable increase in ransomware and business email compromise (BEC) attacks. Cybercriminals often leverage legal search terms to trap unsuspecting victims, a tactic known as SEO poisoning. The GootLoader threat, for instance, has been particularly active in this domain, exploiting search engine results to ensnare law firms.

In the specific case of Waller Law, the AlphV/Black Cat ransomware group's public acknowledgment of the attack signals a successful breach. This group has a history of targeting legal document platforms and has been actively involved in the legal sector, underscoring the persistent threat landscape facing law firms.

The legal industry ranks as the fourth most targeted sector by cybercriminals, trailing behind services, manufacturing, and financial firms. This ranking highlights the critical need for enhanced cybersecurity measures within the legal sector to protect against the growing threat of cyberattacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.