Ransomware victim disclosure
← All victimsShibley Righton LLP
listed as SHIBLEY RIGHTON · Claimed by ALPHV/BlackCat · listed 3 years ago
Status timeline
- ListedJan 11, 2024
- Data leakeddate unknown
At a glance
- Group
- ALPHV/BlackCat
- Status
- Data leaked
- Country
- United States
- Sector
- Business Services
- Listed on leak site
- Jan 11, 2024
About the victim
AI dossier — public-source company profileShibley Righton LLP is a full-service law firm based in Toronto, Ontario, Canada, specializing in business law, civil and commercial litigation, immigration law, and personal injury. The firm also provides condominium legal services to clients in Toronto and Ontario.
- Industry
- Legal Services
- Address
- 250 University Avenue, Toronto, ON, Canada
Attack summary
Severity: high — Law firm breach exposes privileged client information, legal documents, and sensitive personal data. Confirmed data exfiltration and publication by known ransomware group represents significant exposure of regulated/sensitive information, even without detailed inventory.ALPHV/BlackCat group claims to have breached Shibley Righton LLP and exfiltrated data. The group has published the data on their leak site, though no specific data inventory or operational impact details are provided in the truncated post.
Data the group says was taken
AI dossier — extracted from the leak post- Legal client files
- Business documents
- Personal information
What the group claims
SHIBLEY RIGHTON LLP is a full-service law firm. It specializes in business law, civil & commercial litigation, immigration law, personal injury, and more
Sources
- Victim siteshibleyrighton.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

