Ransomware Attack on Isaacs Odinocki LLP by RansomHouse

Victim Overview

Isaacs Odinocki LLP, a Canadian-based litigation firm operating in Toronto, Ontario, Canada, specializing in insurance coverage disputes, insurance litigation, and commercial litigation matters. The company is known for its expertise in precedent-setting cases, particularly in the marine and transportation sectors. The firm operates within the law firms and legal services industry. With less than 25 employees and revenue below $5 million, it is a relatively small firm in terms of size and financial scale.

Attack Overview

Isaacs Odinocki LLP's website was targeted in a ransomware attack by the cybercriminal group RansomHouse. The attackers successfully took 350 GB of data from the company's systems, although the specific types of data were not disclosed. The ransom demand details were not provided.

Ransomware Group - RansomHouse

RansomHouse is a unique data extortion group that emerged in late 2021. Unlike traditional ransomware groups, RansomHouse focuses on stealing sensitive data from victims and threatening to publicly release it if a ransom is not paid. The group positions itself as a mediator community aiming to highlight security vulnerabilities in organizations.

How RansomHouse Penetrated Isaacs Odinocki LLP

Given RansomHouse's focus on exploiting vulnerabilities in organizations, it is likely that the group identified a security gap in Isaacs Odinocki LLP's systems, allowing them to steal a significant amount of data. The lack of encryption of stolen data by RansomHouse also contributed to the success of the attack on the law firm.

Sources

• VisionMech
• ZoomInfo - Isaacs Odinocki LLP
• IOLAW
• Lexology
• Trellix
• ThreatDown
• Avertium
• SentinelOne
• CyberInt