Ransomware victim disclosure
← All victimsUrsel Phillips Fellows Hopkinson
Claimed by ALPHV/BlackCat · listed 3 years ago
Status timeline
- ListedJan 11, 2024
- Data leakeddate unknown
At a glance
- Group
- ALPHV/BlackCat
- Status
- Data leaked
- Country
- Canada
- Sector
- Business Services
- Listed on leak site
- Jan 11, 2024
About the victim
AI dossier — public-source company profileUrsel Phillips Fellows Hopkinson LLP is a Toronto-based law firm specializing in labour, employment, and criminal defence law. With nearly 5 decades of practice, the firm provides full-service legal advice to trade unions, workers, and progressive causes, with additional expertise in human rights, constitutional law, civil litigation, and professional regulation.
- Industry
- Legal Services — Labour & Employment Law
- Address
- 555 Richmond St. W., Suite 1200, Toronto, ON M5V 3B1, Canada
Attack summary
Severity: high — Law firm breach with confirmed data publication. Likely exposure of privileged attorney-client communications, sensitive union/employment records, and personal data of workers/clients. High regulatory sensitivity (solicitor-client privilege) and reputational/operational impact.ALPHV/BlackCat claims to have compromised Ursel Phillips Fellows Hopkinson LLP. The group has published data from the breach; no specific details on encryption, exfiltration scope, or ransom demand are stated in the available post.
Data the group says was taken
AI dossier — extracted from the leak post- Client records
- Legal case files
- Employment/union data
- Confidential legal communications
What the group claims
Ursel Phillips Fellows Hopkinson LLP is a Toronto law firm specializing in labour and employment law
Sources
- Victim siteupfhlaw.ca
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

