everest attacks Greenberg Gandstien

Incident Date:

March 7, 2022

World map



everest attacks Greenberg Gandstien


Greenberg Gandstien




New York, USA

New York, USA

First Reported

March 7, 2022

Greenberg & Stein, P.C. Targeted by Ransomware Group Everest

Company Overview

Greenberg & Stein, P.C. is a law firm that specializes in personal injury cases. The company's website provides information about their services, attorneys, and contact details.

Industry and Vulnerabilities

The Law Firms & Legal Services sector has been a target for ransomware attacks due to the sensitive nature of the data they handle. In this case, Everest exploited a vulnerability in Greenberg & Stein's systems, likely through a phishing email or a software vulnerability. The attackers encrypted the firm's data and demanded a ransom for its release.

Ransomware Group Everest

Everest is a ransomware group that has been active in the cybercrime landscape. They have been known to target various sectors, including healthcare and law firms. The group's attacks typically involve encrypting the victim's data and demanding a ransom for its release.

Impact and Response

The ransomware attack on Greenberg & Stein, P.C. has disrupted the firm's operations, potentially causing data loss and financial damage. The firm is likely working with cybersecurity experts to assess the extent of the damage and develop a response strategy.

Previous Ransomware Attacks

Ransomware attacks on law firms and legal services have been on the rise, with groups like Everest targeting these organizations due to the sensitive nature of the data they handle. In 2023, ransomware victims paid a record $1.1 billion in ransoms.

The ransomware attack on Greenberg & Stein, P.C. underscores the critical importance of cybersecurity measures within the legal sector to safeguard against such threats. The firm's engagement with cybersecurity professionals to navigate the aftermath of this incident is a prudent step towards recovery and future resilience.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.