RansomHouse Strikes Isaacs Odinocki LLP

Incident Date:

May 17, 2024

World map

Overview

Title

RansomHouse Strikes Isaacs Odinocki LLP

Victim

Isaacs Odinocki LLP

Attacker

Ransomhouse

Location

Toronto, Canada

, Canada

First Reported

May 17, 2024

Ransomware Attack on Isaacs Odinocki LLP by RansomHouse

Victim Overview

Isaacs Odinocki LLP, a Canadian-based litigation firm operating in Toronto, Ontario, Canada, specializing in insurance coverage disputes, insurance litigation, and commercial litigation matters. The company is known for its expertise in precedent-setting cases, particularly in the marine and transportation sectors. The firm operates within the law firms and legal services industry. With less than 25 employees and revenue below $5 million, it is a relatively small firm in terms of size and financial scale.

Attack Overview

Isaacs Odinocki LLP's website was targeted in a ransomware attack by the cybercriminal group RansomHouse. The attackers successfully took 350 GB of data from the company's systems, although the specific types of data were not disclosed. The ransom demand details were not provided.

Ransomware Group - RansomHouse

RansomHouse is a unique data extortion group that emerged in late 2021. Unlike traditional ransomware groups, RansomHouse focuses on stealing sensitive data from victims and threatening to publicly release it if a ransom is not paid. The group positions itself as a mediator community aiming to highlight security vulnerabilities in organizations.

How RansomHouse Penetrated Isaacs Odinocki LLP

Given RansomHouse's focus on exploiting vulnerabilities in organizations, it is likely that the group identified a security gap in Isaacs Odinocki LLP's systems, allowing them to steal a significant amount of data. The lack of encryption of stolen data by RansomHouse also contributed to the success of the attack on the law firm.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.