View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 27, 2023

BlackCat claims to have hacked Sills & Betteridge

The alleged breach follows a string of cyberattacks mounted against legal organisations in Europe and North America this year.

By Greg Noone

Ransomware group BlackCat is claiming to have stolen 1TB of data from UK law firm Sills & Betteridge. According to a statement on its victim blog posted yesterday morning, the organisation – also known as ALPHV – claims to have stolen confidential client documentation and the personal data of staff, among other sensitive files. The group added in broken English that the law firm had three days to initiate negotiations for the ransom of the data, after which time “most of” the files would be published. 

Headquartered in Lincoln, Sills & Betteridge employs 320 people and has become one of northern England’s largest solicitors firms after a series of mergers and acquisitions dating back to 2007. When Tech Monitor approached the law firm to confirm BlackCat’s claim, a spokesperson for Sills & Betteridge stated that it wished to make no comment at this moment in time. BlackCat has not provided any details on how it allegedly compromised Sills & Betteridge’s systems. 

A sculpture of the scales of justice, used to illustrate a story about the alleged hacking of a law firm by ransomware group BlackCat.
Ransomware group BlackCat claims to have breached the systems of Sills & Betteridge, a law firm based in the north of England. (Photo by Sergii Gnatiuk/Shutterstock)

Law firms lucrative target for ransomware gangs

If confirmed, the hack would be the latest in a string of ransomware attacks in recent months against law firms across Europe and North America. Earlier this month, UK-based Allen & Overy announced that it had been breached, with the Russian hackers LockBit claiming credit for the attack. The case followed two more breaches at both the American and the New York City Bar Associations, which exposed the login information of some 1.5 million attorneys and 27,000 members respectively. 

As repositories for sensitive data on both commercial and individual clients, legal organisations such as law firms and bar associations constitute lucrative targets for ransomware gangs, explains Dr Ilia Kolochenko, Adjunct Professor of Cybersecurity & Cyber Law at Capitol Technology University. What’s more, “law firms enjoy a very modest data protection regulation regime compared to such industries as banks or healthcare institutions, while processing data of the same or even higher sensitivity,” says Kolochenko. “We should expect a steady growth of sophisticated attacks against law firms in the near future.”

Who are BlackCat/ALPHV?

BlackCat is a ransomware-as-a-service criminal organisation believed to be based in Russia. The group has orchestrated several high-profile breaches in recent months, with victims as disparate as Reddit, Munster Technical University, Barts Health NHS Trust, Japanese watchmaker Seiko and Casepoint, a litigation technology provider. 

BlackCat also raised eyebrows among cybersecurity analysts earlier this month when, after hacking the financial software provider MeridianLink, it claimed to have reported its victim to the US Securities and Exchange Commission (SEC) for failing to report the breach in good time. According to the group, MeridianLink had “failed to file the requisite disclosure under Item 1.05 of Form 8-K with[in] the stipulated four business days, as mandated by the new SEC rules” – ignoring the fact that these rules do not technically come into force until 15 December.

Read more: BlackCat hacks company, reports victim to SEC

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.