Ransomware victim disclosure
← All victimsCameron, Hodges, Coleman, LaPointe
Claimed by Sarcoma · listed 1 year ago
Status timeline
- ListedJul 1, 2025
- Data leakeddate unknown
At a glance
- Group
- Sarcoma
- Status
- Data leaked
- Country
- Netherlands
- Listed on leak site
- Jul 1, 2025
- Data size
- 86 GB
About the victim
AI dossier — public-source company profileCameron, Hodges, Coleman, LaPointe (CHCLW) is a law firm specializing in insurance defense litigation. The firm emphasizes prompt client communication, jury trial experience, and cost-effective risk management for its clients.
- Industry
- Legal Services - Insurance Defense
Attack summary
Severity: high — Confirmed exfiltration of 86 GB from a law firm handling insurance defense cases; likely contains privileged attorney-client communications, case strategies, and client PII, representing significant exposure of sensitive business and client data.Sarcoma group claims to have exfiltrated 86 GB of data from the firm. The group has published the data archive, indicating confirmed data theft rather than encryption-only.
Data the group says was taken
AI dossier — extracted from the leak post- Client case files
- Legal documents
- Attorney work product
- Client communications
- Financial records
What the group claims
Cameron, Hodges, Coleman, LaPointe CHCLW specializes in insurance defense and has a proven history of client satisfaction. The firm believes in prompt responsiveness, as communication is the key to effective representation. As a firm, we strive exceed client expectations and maintain open communication with our valued clients. Our attorneys have jury trial experience and understand the important balance between aggressive representation and risk management/cost of defense. Above all, the firm values our relationships with our clients, and endeavors to provide excellent customer service on every case.Geo: USA - Leak size: 86 GB Archive - Contains: Files
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

