Ransomware victim disclosure
← All victimsPappas Grubbs Price PC
listed as sheehyware.com · Claimed by Alphv · listed 3 years ago
Status timeline
- ListedNov 8, 2023
- Data leakeddate unknown
At a glance
- Group
- Alphv
- Status
- Data leaked
- Sector
- Technology
- Listed on leak site
- Nov 8, 2023
About the victim
AI dossier — public-source company profilePappas Grubbs Price PC is a Texas-based law firm with multiple office locations (Houston, Austin, Dallas, San Antonio area based on phone numbers). The firm specializes in commercial litigation, construction, energy, health care, labor, maritime, and professional liability matters, employing dozens of named attorneys.
- Industry
- Legal Services
Attack summary
Severity: critical — Confirmed exfiltration of 1.5 TB claimed to include employee PII and client confidential legal files; law firms handle highly sensitive regulated client information. Data published status confirmed.ALPHV claims to have exfiltrated 1.5 TB of sensitive data including customer files, employee personal data, and internal databases (referenced as 'Coyote database'). The group threatens publication and legal consequences if ransom is not paid.
Data the group says was taken
AI dossier — extracted from the leak post- customer files
- employee personal data
- internal databases (Coyote)
- company confidential records
What the group claims
We have more than 1.5 TB of sensitive data about your company, customer files, personal data of employees, your Coyote database and much more. If I were you, I wouldn’t waste time and follow the link in the file, otherwise we will publish these files and then you will have to close your company, because there will be a huge number of lawsuits against you.
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

