blackbasta attacks LAWRENCED ROHLFING, INC. CPC
Incident Date:
September 7, 2022
Overview
Title
blackbasta attacks LAWRENCED ROHLFING, INC. CPC
Victim
LAWRENCED.ROHLFING,INC.CPC
Attacker
Blackbasta
Location
First Reported
September 7, 2022
Ransomware Attack on Law Firm LAWRENCED ROHLFING, INC. CPC
On February 24, 2023, the law firm Mastagni Holstedt, a prominent Sacramento, California law firm, experienced a major outage of its servers and computer network, which resulted in the loss of access to its servers and data. The attack was attributed to the ransomware group Black Basta, a Russian-speaking group that has been detected since early 2023.
Victim Profile
LAWRENCED.ROHLFING,INC.CPC is a law firm that specializes in Social Security Disability Insurance (SSDI) and Supplemental Security Income (SSI) claims, representing claimants before the Social Security Administration (SSA) at all phases of the claims process, including initial applications and appeals. The firm has 17 people on its staff, including seven lawyers, with an average staff member having 15 years of experience. They are small enough to provide personalized representation but large enough to handle cases in federal court.
Vulnerabilities and Impact
The attack on Mastagni Holstedt highlights the importance of robust cybersecurity measures for law firms, particularly those handling sensitive client data. The ransomware attack forced the law firm to pay a ransom to regain access to its data. The incident underscores the need for law firms to ensure that their managed service providers (MSPs) have adequate cybersecurity protections in place to prevent such attacks.
Legal Action
In response to the attack, Mastagni Holstedt filed a lawsuit against LanTech LLC, a Sacramento-based MSP, alleging that it failed to protect the law firm from the ransomware attack. The lawsuit seeks more than $1 million in damages.
The ransomware attack on Mastagni Holstedt serves as a reminder of the importance of robust cybersecurity measures for law firms, particularly those handling sensitive client data. The incident also highlights the potential legal and financial consequences of failing to adequately protect against such attacks.
Sources
- Lawrence Rohlfing, "California Social Security Disability Attorneys | California SSDI Benefits Lawyers | San Diego CA SSI Law Office," www.californiasocialsecurityattorney.com
- MSSP Alert, "MSP Sued By Law Firm After Ransomware Attack," msspalert.com
- Sam Stanton, "Sacramento law firm targeted in ransomware attack sues for $1 million," sacbee.com
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.