cuba attacks CMM, LLP (Formerly Cohen, Miskei & Mowrey, LLP)
Incident Date:
February 4, 2022
Overview
Title
cuba attacks CMM, LLP (Formerly Cohen, Miskei & Mowrey, LLP)
Victim
CMM, LLP (Formerly Cohen, Miskei & Mowrey, LLP)
Attacker
Cuba
Location
First Reported
February 4, 2022
CMM, LLP Targeted by Ransomware Group Cuban
CMM, LLP, a law firm operating in the Law Firms & Legal Services sector, has been targeted by the ransomware group Cuban. The attack was announced on the group's dark web leak site, and the victim's website is http://www.cmmcpas.com/. The company, which was formerly known as Cohen, Miskei & Mowrey, LLP, is based in Sacramento, California.
CMM, LLP is a mid-sized law firm that offers services in business management, litigation, and tax. The firm has been in operation for several years and has built a reputation for providing high-quality legal services to its clients. However, the attack by Cuban has exposed vulnerabilities in the firm's cybersecurity defenses, which have made it a target for threat actors.
The ransomware attack on CMM, LLP is part of a new wave of attacks where law firm data is not just encrypted and held for ransom, but also released to the public if the ransom is not paid. This type of attack, known as Maze ransomware, is particularly troubling because it involves the exfiltration of data before encryption, which can lead to sensitive information being made public.
The attack on CMM, LLP highlights the need for law firms to strengthen their data security measures to protect their clients' sensitive information. The firm, like many others in the legal industry, has been identified as a valuable target for hackers due to the sensitivity of the data they handle.
The ransomware attack on CMM, LLP is a reminder of the importance of robust cybersecurity measures in the legal industry. Law firms must prioritize data protection and implement comprehensive information security programs to safeguard their clients' information from potential threats.
Sources
- CMM, LLP. (n.d.). Employee Portal. Retrieved April 10, 2024, from http://www.cmmcpas.com/
- Reddit. (2024, March 4). Sacramento law firm sues for $1 million after falling prey to ransomware attack. Retrieved April 10, 2024, from https://www.reddit.com/r/msp/comments/1b6jldx/sacramento_law_firm_sues_for_1_million_after/
- YouTube. (2024, March 10). Law Firm Sues IT Provider Over Ransomware Attack. Retrieved April 10, 2024, from https://www.youtube.com/watch?v=xKbs_iB4CI0
- Legal Fuel. (2024, March 6). Prominent Sacramento law firm sues for $1 million after falling prey to ransomware attack. Retrieved April 10, 2024, from https://www.legalfuel.com/prominent-sacramento-law-firm-sues-for-1-million-after-falling-prey-to-ransomware-attack-guest-post/
- Logikcull. (2024). Ransomware Hits Law Firms Hard-And It's Worse Than Ever Before. Retrieved April 10, 2024, from https://www.logikcull.com/blog/maze-ransomware-law-firms
- The Record. (2023, March 27). Law firm fined $200,000 over 'poor data security' that led to ransomware attack. Retrieved April 10, 2024, from https://therecord.media/new-york-law-firm-hpmb-fined-data-breach-ransomware
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.