Cybersecurity Breach: Druckman Law Group Targeted by INC Ransomware Attack

Incident Date:

April 15, 2024

World map



Cybersecurity Breach: Druckman Law Group Targeted by INC Ransomware Attack


Druckman Law Group


Inc Ransom


Westbury, USA

New York, USA

First Reported

April 15, 2024

Ransomware Attack on Druckman Law Group by INC Ransom

Company Overview

Druckman Law Group PLLC, a specialized law firm based in Westbury, New York, has been a notable player in the legal sector, particularly in real estate and lending institution law. With a focus on mortgage foreclosure, bankruptcy, eviction, and REO issues, the firm has carved out a niche in the New York legal landscape. Operating for over 28 years, Druckman Law Group is approved by major institutions like Fannie Mae and Freddie Mac to handle their legal files, underscoring its credibility and specialization in this sector.

The firm is relatively small, with less than 25 employees and an estimated annual revenue of less than $5 million, which positions it within the small to medium-sized enterprise (SME) category in the legal industry.

Details of the Ransomware Attack

The ransomware group INC Ransom, known for its sophisticated cyberattacks, has claimed responsibility for a ransomware attack on Druckman Law Group. INC Ransom's modus operandi includes spear-phishing, exploitation of vulnerabilities, and the use of legitimate system tools to perform reconnaissance and lateral movements within the victim's network.

This attack is particularly alarming as it involves not only the encryption of data but also the theft and potential public release of sensitive information, a tactic known as double extortion. The exact nature and scope of the data compromised have not been disclosed, but given the firm's area of specialization, it could potentially include sensitive client information related to legal cases and financial transactions.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.