Ransomware Group: SARCOMA

VICTIM NAME: Milberg

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the SARCOMA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak involves the law firm Milberg, which specializes in assisting ransomware victims. The breach was discovered on July 8, 2025, and includes a substantial data archive of approximately 3 terabytes containing sensitive client information. Notably, the incident reveals that the firm became a victim of a ransomware attack itself, highlighting the risks faced by cybersecurity professionals and legal entities involved in ransomware cases. The leaked data encompasses information related to several other companies based in the United States, including URLs associated with these organizations. The leak appears to be part of a broader exposure titled “sarcoma,” which may reflect the nature or label designated by the threat actors.

The compromised data is reported to include confidential information, although specific details are not provided. The attackers have made the data publicly accessible, and no explicit mention of download links is available at this time. The leak does not specify the exact types of documents or data involved, but the large size and sensitive nature suggest extensive exposure. An image or screenshot was not included, but the report indicates that the breach has compromised client confidentiality and highlights the importance of cyber defense for legal firms. The incident underscores vulnerabilities faced by organizations that handle sensitive client data and demonstrates the ongoing threat landscape for cybersecurity professionals in the United States.