Ransomware Hits Wayne Wright LLP: 1TB of Sensitive Data Compromised

Incident Date:

August 30, 2024

World map

Overview

Title

Ransomware Hits Wayne Wright LLP: 1TB of Sensitive Data Compromised

Victim

Wayne Wright, LLP.

Attacker

Bianlian

Location

San Antonio, USA

Texas, USA

First Reported

August 30, 2024

Ransomware Attack on Wayne Wright LLP by BianLian Group

Wayne Wright LLP, a prominent personal injury law firm based in Texas, has recently fallen victim to a ransomware attack orchestrated by the notorious BianLian group. The attack has compromised approximately 1TB of sensitive data, including personal information, financial records, contract data, and email archives.

About Wayne Wright LLP

Founded in 1975 by Wayne Wright, the firm specializes in personal injury law, offering legal services on a contingency fee basis. This model allows clients to pursue justice without the burden of upfront legal costs. Wayne Wright LLP operates primarily in Texas, with offices in San Antonio, Austin, Corpus Christi, and El Paso, and has expanded to St. Louis, Missouri, and Birmingham, Alabama. The firm is known for its client-centered approach and commitment to treating clients with dignity and respect.

Attack Overview

The ransomware attack has exposed critical business and client information, posing significant operational and reputational risks. The compromised data includes personal information, accounting and financial records, contract data, non-disclosure agreements, accident reports, files from the Chief Financial Officer's PC, and email and message archives. The firm, led by CEO Wayne Wright and Chief Information Officer Kristina Sprey, generates over $5 million in revenue annually.

About the BianLian Group

BianLian is a sophisticated ransomware group known for targeting sectors with sensitive data and financial capacity, including legal services. Initially functioning as a banking trojan, BianLian transitioned into advanced ransomware operations, emphasizing extortion-based strategies. The group gained initial access through compromised Remote Desktop Protocol (RDP) credentials and employed various tools for discovery, lateral movement, collection, exfiltration, and impact.

Penetration and Impact

BianLian's attack on Wayne Wright LLP underscores the vulnerabilities in the legal sector, particularly in firms handling sensitive client information. The group's tactics have evolved to include exfiltration-based extortion, threatening victims with financial, business, and legal consequences if payment is not made. The breach at Wayne Wright LLP highlights the urgent need for enhanced cybersecurity measures to protect against such sophisticated threats.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.