cuba attacks CMM, LLP (Formerly Cohen, Miskei & Mowrey, LLP)

Incident Date:

February 4, 2022

World map



cuba attacks CMM, LLP (Formerly Cohen, Miskei & Mowrey, LLP)


CMM, LLP (Formerly Cohen, Miskei & Mowrey, LLP)




Woodland Hills, USA

California, USA

First Reported

February 4, 2022

CMM, LLP Targeted by Ransomware Group Cuban

CMM, LLP, a law firm operating in the Law Firms & Legal Services sector, has been targeted by the ransomware group Cuban. The attack was announced on the group's dark web leak site, and the victim's website is The company, which was formerly known as Cohen, Miskei & Mowrey, LLP, is based in Sacramento, California.

CMM, LLP is a mid-sized law firm that offers services in business management, litigation, and tax. The firm has been in operation for several years and has built a reputation for providing high-quality legal services to its clients. However, the attack by Cuban has exposed vulnerabilities in the firm's cybersecurity defenses, which have made it a target for threat actors.

The ransomware attack on CMM, LLP is part of a new wave of attacks where law firm data is not just encrypted and held for ransom, but also released to the public if the ransom is not paid. This type of attack, known as Maze ransomware, is particularly troubling because it involves the exfiltration of data before encryption, which can lead to sensitive information being made public.

The attack on CMM, LLP highlights the need for law firms to strengthen their data security measures to protect their clients' sensitive information. The firm, like many others in the legal industry, has been identified as a valuable target for hackers due to the sensitivity of the data they handle.

The ransomware attack on CMM, LLP is a reminder of the importance of robust cybersecurity measures in the legal industry. Law firms must prioritize data protection and implement comprehensive information security programs to safeguard their clients' information from potential threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.