The Akira ransomware group has claimed responsibility for cyberattacks on three U.S. companies, threatening to publish gigabytes of sensitive information. The victims, listed on the gang’s dark web leak site, include two law firms and a leading stone fabricator. The targeted companies are Imblum Law Offices, a Pennsylvania-based firm specializing in bankruptcy cases; Martin, Showers, Smith & McDonald, LLC, a Texas law firm handling civil litigation and personal injury; and MultiStone, a major fabricator and installer of stone countertops in the Low Country region.
The cybercriminal group alleges to have exfiltrated a significant trove of data from each victim, posing a severe risk to the privacy of their clients and employees. The impact on the two law firms is particularly concerning due to the highly confidential nature of legal and personal documents. The attackers claim to be in possession of extensive personally identifiable information (PII) and privileged records. This incident highlights the persistent threat ransomware poses to various sectors, with legal and manufacturing industries proving to be lucrative targets for their sensitive data.
The ransomware operators have detailed the types of data they allegedly stole. For Imblum Law Offices and Martin, Showers, Smith & McDonald, the data includes a vast amount of client and employee records. The data allegedly exfiltrated from the victims includes:
- From MultiStone (over 8 GB):
- Employee documents
- Financial data
- Numerous projects
- Confidentiality agreements
- From Imblum Law Offices (over 20 GB):
- Client personal documents (passports, SSNs, death/birth certificates, financial information)
- Court hearings and protocols
- Employee information
- Other confidential documents
- From Martin, Showers, Smith & McDonald, LLC (over 8 GB):
- Scans of client personal documents (passports, SSNs, death/birth certificates, driver’s licenses)
- Employee information
- Confidential documents
- Court reports
