Ransomware Hits Corbally, Gartland & Rappleyea LLP: Data at Risk
Incident Date:
August 29, 2024
Overview
Title
Ransomware Hits Corbally, Gartland & Rappleyea LLP: Data at Risk
Victim
Corbally Gartland and Rappleyea
Attacker
Rhysida
Location
First Reported
August 29, 2024
Ransomware Attack on Corbally, Gartland and Rappleyea, LLP
Corbally, Gartland and Rappleyea, LLP, a distinguished full-service law firm based in New York's Hudson Valley, has fallen victim to a ransomware attack orchestrated by the Rhysida Ransomware Group. The firm, known for its aggressive, ethical, and cost-effective legal counsel, now faces the threat of sensitive data exposure.
About Corbally, Gartland and Rappleyea, LLP
Founded in 1876, Corbally, Gartland and Rappleyea, LLP has established itself as a preeminent legal practice in the Hudson Valley region. The firm offers a wide range of services, including banking, estates, litigation, real estate, corporate law, family law, tax assessment, wills, bankruptcy, and employment law. With offices in Pleasant Valley and Millbrook, the firm serves both individuals and businesses, emphasizing client satisfaction and integrity.
Details of the Attack
The Rhysida Ransomware Group has claimed responsibility for the attack on Corbally, Gartland and Rappleyea, LLP. The attackers have threatened to publish the firm's data within the next 6-7 days and have already posted sample screenshots on their dark web portal as proof of the breach. This puts significant pressure on the firm to respond to the cybercriminals' demands to prevent the exposure of sensitive information.
About the Rhysida Ransomware Group
First sighted in May 2023, the Rhysida Ransomware Group has quickly made a name for itself in the cybercrime arena. The group primarily targets sectors such as education, healthcare, manufacturing, information technology, and government. Rhysida ransomware is written in C++ and targets the Windows Operating System, employing the ChaCha20 encryption algorithm. The group uses a double extortion technique, stealing data before encrypting it and threatening to publish it unless a ransom is paid.
Potential Vulnerabilities
Corbally, Gartland and Rappleyea, LLP's extensive range of services and the sensitive nature of the data they handle make them an attractive target for ransomware groups like Rhysida. The firm's reliance on digital systems for managing client information and legal documents could have provided multiple entry points for the attackers. Phishing campaigns and the exploitation of valid credentials are common methods used by Rhysida to infiltrate networks.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.