Ransomware Group: WORLDLEAKS

VICTIM NAME: Act Legal

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the WORLDLEAKS Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to a cybersecurity incident involving a law firm network known as Act Legal, which operates primarily in Europe and provides a variety of legal services including corporate law, banking, and dispute resolution. The attack was publicly disclosed with a compromise date of July 11, 2025. The leak exposes data associated with the organization, which has been made accessible via a dark web link, indicating an illegal breach. The page includes a screenshot capturing internal images, possibly of documents or data screens, but no specific sensitive details are publicly shared in the leak summary. The victim is located in Germany, and the incident appears to affect the firm’s digital security infrastructure, potentially compromising client confidentiality and internal communications.

The leak page notes the presence of download links or stolen data that may include internal documents or files related to the law firm’s operations. The exposed image showcases internal visuals, which could be screenshots of confidential records or administrative interfaces. No personally identifiable information (PII) or client data is explicitly shared in the public overview, aligning with standard cybersecurity reporting practices to avoid further exposure. The organization’s focus on legal services across multiple countries emphasizes the importance of safeguarding their client and operational data against such breaches. The incident underscores the increasing threat posed by ransomware groups targeting professional service providers.