lockbit2 attacks noll-law

Incident Date:

April 4, 2022

World map



lockbit2 attacks noll-law






Springfield, USA

Illinois, USA

First Reported

April 4, 2022

Noll-Law Faces Ransomware Attack by Lockbit2 Group

The law firm Noll-Law has been targeted by the ransomware group Lockbit2, as reported on the group's dark web leak site. The firm operates in the Law Firms & Legal Services sector. The size of the company and its specific vulnerabilities are not provided in the search results.

Noll-Law is a personal injury and criminal defense law firm based in Springfield, Illinois. The firm has received positive reviews from clients, with one client praising the firm for being "amazing people" who "keep everything truthful with you and always have your back". The firm's website features a section for testimonials, indicating a focus on client satisfaction and personalized service.

The ransomware attack on Noll-Law is part of a broader trend of ransomware targeting various industries, including healthcare and public health. The Lockbit2 group is known for its ransomware-as-a-service (RaaS) operations, where malicious actors post ads for their services on dark web marketplaces.

The Lockbit2 group has been active since at least 2020 and has targeted organizations in multiple sectors, including critical infrastructure and professional services. The group gains access to victim systems through valid Remote Desktop Protocol (RDP) credentials and uses open-source tools and command-line scripting for discovery and credential harvesting.

The attack on Noll-Law highlights the need for law firms and other organizations to implement robust cybersecurity measures to protect against ransomware attacks. This includes regular data backups, software updates, and employee training on phishing and other cybersecurity threats.

The ransomware attack on Noll-Law by the Lockbit2 group underscores the importance of cybersecurity for law firms and other organizations. The firm's positive reputation and client testimonials do not necessarily protect it from cyber threats, highlighting the need for proactive measures to mitigate the risks of ransomware and other cyber attacks.


  • Noll-Law. (n.d.). Personal Injury & Criminal Defense Lawyers in Springfield, Illinois. Retrieved April 10, 2024, from https://www.noll-law.com/
  • CISA. (2020, November 02). Ransomware Activity Targeting the Healthcare and Public Health Sector. Retrieved April 10, 2024, from https://www.cisa.gov/news-events/cybersecurity-advisories/aa20-302a
  • Cybereason. (n.d.). What are the Legal Implications from a Ransomware Attack? Retrieved April 10, 2024, from https://www.cybereason.com/blog/what-are-the-legal-implications-from-a-ransomware-attack
  • CISA. (2023, May 16). #StopRansomware: BianLian Ransomware Group. Retrieved April 10, 2024, from https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-136a
  • FTC. (n.d.). Ransomware. Retrieved April 10, 2024, from https://www.ftc.gov/business-guidance/small-businesses/cybersecurity/ransomware

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.