Ransomware victim disclosure
← All victimsSandberg Phoenix
Claimed by SilentRansomGroup · listed 2 months ago
Status timeline
- ListedMay 8, 2026
- Data leakeddate unknown
At a glance
- Group
- SilentRansomGroup
- Status
- Data leaked
- Country
- Sweden
- Listed on leak site
- May 8, 2026
About the victim
AI dossier — public-source company profileSandberg Phoenix is a law firm that has provided legal services for over 45 years to clients of varying sizes throughout the Midwest and beyond. Based on the leak post description, the firm operates across multiple practice areas serving a broad client base. No additional details are available from a public site excerpt.
- Industry
- Legal Services
Attack summary
Severity: high — Law firms routinely hold privileged client communications, contracts, financial records, and PII at scale; the disclosed/published status confirms data has been released rather than merely threatened, warranting a high severity rating even without explicit data inventory details.SilentRansomGroup claims to have attacked Sandberg Phoenix and has published data ('data_published' status), though the specific nature of the exfiltrated or encrypted data and its volume are not detailed in the truncated post.
Data the group says was taken
AI dossier — extracted from the leak post- Client legal files
- Internal business documents
What the group claims
Over 45 years providing superior legal services to clients of every size throughout the Midwest and ac…
Source
Indexed 2 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

