maze attacks unknown

Incident Date:

April 15, 2020

World map



maze attacks unknown


Manitoba Law Firms




Winnipeg, Canada

Manitoba, Canada

First Reported

April 15, 2020

Manitoba Law Firms Hit by Cyber Attacks

Work at two Manitoba law firms is at a virtual standstill after cyber attacks left staff without access to their computer systems, locking out digital files, emails and data backups. The Law Society of Manitoba said entire computer systems at the two firms were infected with ransomware, a type of virus that blocks access to computers or files until a ransom is paid, in the last two weeks. It left lawyers and staff at the firms without access to client lists, emails, accounting and financial information, photos and other digital files. Cloud backups were also locked.

"It is suspected that someone clicked on a link or an attachment in an email that was infected with a virus which in turn infected the firms' entire systems," read a notice on the society's website. Kristin Dangerfield, the chief executive officer of the Law Society of Manitoba, said the two attacks weren't the first against Manitoba firms, but coming in the midst of a pandemic doesn't make it easier. "At any time this would be a challenge, but in this environment, even more so," Dangerfield said.

The firms have been asked to pay an "enormous" ransom to regain access to any of their work, the society said. Dangerfield said she isn't aware of what the firms are doing with regard to payment of any ransoms and said she wouldn't speak publicly about it if she did know. She also wouldn't name the firms that were attacked. "It would be inappropriate for us to do that and we expect the firms to notify their clients directly," Dangerfield said.

The law society identified the ransomware virus as Maze. A global cyber crime group of the same name claimed to be responsible for a number of similar incidents in the last six months.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.