Ransomware victim disclosure
← All victimsLiebert Cassidy Whitmore
listed as Liebert Cassidy Whitmore Attorneys · Claimed by SilentRansomGroup · listed 1 year ago
Status timeline
- ListedMay 6, 2025
- Data leakeddate unknown
At a glance
- Group
- SilentRansomGroup
- Status
- Data leaked
- Country
- United States
- Sector
- Business Services
- Listed on leak site
- May 6, 2025
- Ransom demanded
- $82M
- Estimated revenue
- $82M
About the victim
AI dossier — public-source company profileLiebert Cassidy Whitmore is a California-based law firm specializing in labor, education, and employment law. The firm serves clients across these practice areas, with reported annual revenue of approximately $82 million.
- Industry
- Legal Services - Labor, Education & Employment Law
Attack summary
Severity: critical — Law firm data exfiltration exposes attorney-client privileged communications, client PII, and sensitive legal matters. The firm's focus on employment/labor law means exposure of employee records, discrimination claims, and confidential workplace disputes. Data confirmed published with 164 downloads.SilentRansomGroup claims to have exfiltrated data from the firm and published it. The group advertises 164 total downloads of the disclosed materials, indicating data has been publicly released.
Data the group says was taken
AI dossier — extracted from the leak post- Client files
- Legal documents
- Attorney work product
- Potentially privileged communications
The group's post references roughly 164 proof files.
What the group claims
REVENUE: $82M TOTAL DOWNLOADS: 164 COMPANY INFO: Liebert Cassidy Whitmore is California's premier labor, education, and employment law firm. We provide…
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

