lockbit2 attacks omalleytunstall...

Incident Date:

March 31, 2022

World map



lockbit2 attacks omalleytunstall...






Raleigh, USA

North Carolina, USA

First Reported

March 31, 2022

Ransomware Attack on O'Malley Tunstall PC: A Cybersecurity Analysis

Overview of the Incident

O'Malley Tunstall PC, Injury & Disability, a North Carolina-based law firm, recently fell victim to a ransomware attack by the Lockbit2 group. The incident was disclosed on the group's dark web leak site. Operating within the Law Firms & Legal Services sector, O'Malley Tunstall PC has a long history of providing legal services across various practice areas, including personal injury and disability claims.

The Firm's Profile

Despite the absence of specific details regarding the firm's size, it is known that O'Malley Tunstall PC boasts a dedicated team of attorneys and support staff. The firm is well-regarded in the legal community, with numerous clients attesting to its professionalism and the quality of its legal representation.

Cybersecurity Vulnerabilities and Implications

The exact vulnerabilities exploited in the ransomware attack have not been publicly disclosed. Nonetheless, the legal sector's handling of sensitive client information and financial records inherently increases its attractiveness as a target for cybercriminals. This incident serves as a stark reminder of the critical need for law firms to implement comprehensive cybersecurity measures to protect against such threats.

The attack on O'Malley Tunstall PC underscores the ongoing risk faced by law firms and the imperative to prioritize cybersecurity to protect client data and preserve firm reputation.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.