Ransomware Group BianLian Strikes Connecticut Law Firm D'Amico & Pettinicchi, LLC

Incident Date:

April 22, 2024

World map

Overview

Title

Ransomware Group BianLian Strikes Connecticut Law Firm D'Amico & Pettinicchi, LLC

Victim

D'amico and Pettinicchi, LLC

Attacker

Bianlian

Location

Watertown, USA

Connecticut, USA

First Reported

April 22, 2024

Ransomware Attack on D'Amico & Pettinicchi, LLC by BianLian Group

Attack Overview

D'Amico & Pettinicchi, LLC, a Connecticut-based law firm specializing in personal injury and medical malpractice, has become the latest victim of the notorious ransomware group BianLian. The attack resulted in the exfiltration of approximately 2 TB of sensitive data, including financial records, human resources data, case files, court documents, and personal information of clients.

Details of the Compromised Data

The data breach involved a wide array of sensitive information critical to the operations of the law firm. This includes:

  • Financial data and HR records
  • Incident and case files related to ongoing legal matters
  • Court and litigation documents
  • Exhibits and evidence files
  • Personally Identifiable Information (PII) and Protected Health Information (PHI) of clients
  • Internal and external email communications

Company Profile

Founded in 1990, D'Amico & Pettinicchi, LLC has established itself as a dedicated law firm with a focus on personal injury, medical malpractice, and nursing home negligence. The firm is known for its personalized service, provided by a team of experienced attorneys and paralegals. With an estimated annual revenue between $5 million to $10 million and a staff size of 11-50 employees, the firm emphasizes client-focused legal representation.

Vulnerabilities and Target Profile

The law firm's extensive handling of sensitive client data, combined with its size and financial capacity, makes it an attractive target for ransomware attacks like those conducted by BianLian. Law firms are particularly vulnerable due to the nature of the data they manage, which includes confidential legal and personal information that can be exploited for extortion.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.