Ransomware Group: QILIN

VICTIM NAME: mhmlawgroup[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak site has publicly announced that all data belonging to the law firm MHM Law Group will be available for download on June 10, 2025. The firm is based in California, United States, and specializes in personal injury, immigration, and criminal defense law. The leak indicates a significant compromise, with the attackers claiming possession of sensitive legal documents related to the firm’s clients and cases. The page includes a screenshot of some internal content, suggesting that confidential files may have been accessed or stolen. The leak aims to put pressure on the firm by threatening the release of private information unless the ransom is paid.

The incident was discovered on May 29, 2025, and details show that the attackers operate within the Qilin group. As of now, there is no publicly available information indicating the number of affected employees or third-party involvement. The leak URL points to a dark web site where the stolen data can be accessed once the specified date arrives. Other technical or detailed information about the extortion or the nature of the stolen files is not explicitly provided. The site contains a screenshot of documents or data that appear to be related to legal proceedings or internal records, emphasizing the severity of the breach. This incident underscores the ongoing threat to law firms from cybercriminals seeking to exploit sensitive legal and client information.