DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

OH: Buckley King law firm hit by BlackBasta

Posted on May 18, 2023 by Dissent

Ransomware groups often promise to keep everything confidential if their victim pays them. They can’t do that if their chats are not secure and someone is able to shoulder-surf or otherwise get access to the negotiations and any files provided by the attackers as proof — or any bitcoin wallet addresses. If victims think or hope that they will be able to keep a breach under wraps and not have to tell anyone, they may be in for a rude awakening. DataBreaches does not know what the victim in this incident intended or intends, but the attack they experienced was publicly revealed by SuspectFile.

SuspectFile reports that the Buckley King LPA law firm was attacked by BlackBasta and agreed to pay a ransom demand. It reports, in part:

Last April the BlackBasta gang managed to enter the law firm’s IT network thanks to social engineering, an employee of the Buckley King LPA allegedly executed an infected attachment present in an e-mail.

According to SuspectFile, BlackBasta informed the law firm’s negotiator that they had 110 GB of files and wanted $400,000 to delete data, provide a decryptor, and provide a “security report.” They eventually settled for $150,000.00

From the detailed reporting, SuspectFile was apparently able to follow the interactions and even the payments, reporting that 6 bitcoins (161,574.00 USD) was the total amount of the transaction, but 5.41537733 bitcoins (145,830.70 $) was deposited in the wallet indicated by BlackBasta while 0.58457449 bitcoins (15,742.01 $) were transferred to another wallet.

They were also able to obtain a copy of the file tree that the victim was presented as proof. It reportedly contained over 230,000 directories and more than 760,000 files.

The law firm’s home page advertises “get straight answers.”

Does Buckley King intend to notify all their clients whose personal information or confidential files had been acquired by criminals?  SuspectFile reports that the firm has not provided them any statement about the incident, despite requests. DataBreaches has also sent the law firm an inquiry. Their home page advertises “get straight answers.” We hope we do get straight answers and will update this post if a reply is received.

 


Related:

  • HHS OCR Settles HIPAA Ransomware Investigation with Syracuse ASC for $250k plus corrective action plan
  • Clorox Files $380M Suit Alleging Cognizant Gave Hackers Passwords in Catastrophic 2023 Cyberattack
  • Cyberattacks Paralyze Major Russian Restaurant Chains
  • #StopRansomware: Interlock
  • Two more entities have folded after ransomware attacks
  • British institutions to be banned from paying ransoms to Russian hackers
Category: Business SectorMalwareU.S.

Post navigation

← Indiana University exposes sensitive student data
Hacker attack Asl Abruzzo, Guarantor: downloading data is a crime →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders
  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial
  • Wikipedia seeks to shield contributors from UK law targeting online anonymity
  • British government reportedlu set to back down on secret iCloud backdoor after US pressure

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.