Feldman & Lopez data breach
Data Breaches

Feldman & Lopez Data Breach Exposes Sensitive Legal and Client Case Information

By Sean Doyle · · 7 min read

The Feldman & Lopez, P.A. data breach is a reported cybersecurity incident involving the alleged unauthorized access to internal systems belonging to Feldman & Lopez, a Florida based law firm specializing in property insurance litigation and related legal services. The firm was recently listed as a victim on the dark web portal operated by the SAFEPAY ransomware group, which claims to have obtained sensitive internal data associated with the firm. The listing was observed in mid December 2025 and suggests potential exposure of confidential legal and client information.

At the time of reporting, Feldman & Lopez has not publicly confirmed the breach. However, the firm’s appearance on the SAFEPAY leak site indicates that attackers claim to have accessed internal systems and exfiltrated data for extortion purposes. Law firms are frequent targets of ransomware groups due to the volume of sensitive legal, financial, and personal information they maintain.

The Feldman & Lopez data breach highlights ongoing cybersecurity risks facing legal practices in the United States, particularly firms handling insurance disputes, litigation materials, and settlement negotiations that are highly sensitive in nature.

Background on Feldman & Lopez, P.A.

Feldman & Lopez, P.A. is a law firm based in Miami, Florida, providing legal representation primarily in property insurance disputes and related civil litigation. The firm represents policyholders in claims involving residential and commercial insurance matters, often handling complex case documentation and sensitive client communications.

Law firms routinely manage extensive collections of confidential data, including legal pleadings, evidence files, insurance policies, settlement communications, and personally identifiable information belonging to clients. This makes legal practices attractive targets for ransomware groups seeking leverage through the threat of public disclosure.

Modern law firms rely heavily on digital case management systems, document repositories, and email communications, all of which can be compromised if adequate security controls are not in place.

Overview of the Feldman & Lopez Data Breach

According to information published by the SAFEPAY ransomware group, Feldman & Lopez was identified as a victim of a ransomware intrusion. While specific technical details have not been disclosed, ransomware listings typically indicate that attackers claim to have accessed internal networks and extracted data prior to issuing extortion demands.

The Feldman & Lopez data breach may involve unauthorized access to document management systems, email servers, or shared file repositories containing active and historical case materials. Ransomware groups often threaten to publish legal documents to increase pressure during negotiations.

Even without public release of data, the unauthorized extraction of legal records can have serious consequences for clients and the firm.

Types of Data Potentially Exposed

While the full scope of the Feldman & Lopez data breach has not been publicly confirmed, law firms of this type typically store a wide range of sensitive information. Data potentially affected may include:

  • Client names, contact details, and identifying information
  • Legal pleadings, motions, and court filings
  • Insurance policies and claim documentation
  • Settlement discussions and negotiation records
  • Internal legal strategies and attorney work product
  • Financial records related to fees, payments, and settlements
  • Email communications between attorneys, clients, and insurers
  • Employee records and internal administrative files

The exposure of attorney client communications is particularly serious, as it may implicate confidentiality obligations and privilege considerations.

Why Law Firms Are High Value Targets

The Feldman & Lopez data breach reflects a broader trend of ransomware activity targeting law firms. Legal practices often store highly sensitive information that cannot be easily recreated or publicly disclosed without significant harm.

Attackers recognize that law firms face reputational risk and ethical obligations to protect client confidentiality. The threat of leaking legal documents or privileged communications can significantly increase extortion pressure.

Additionally, law firms often represent multiple clients simultaneously, meaning a single breach can affect a wide range of individuals and organizations.

SAFEPAY Ransomware Group Activity

The SAFEPAY ransomware group operates data extortion campaigns that rely on unauthorized access and data exfiltration rather than solely on system encryption. The group maintains a leak site where it lists alleged victims and threatens public release of data.

SAFEPAY has targeted organizations across healthcare, education, legal services, and professional services sectors. Their operations typically involve exploiting weak access controls or compromised credentials.

The inclusion of Feldman & Lopez on the SAFEPAY portal suggests that attackers believe the stolen data has sufficient sensitivity to support extortion demands.

Possible Initial Access Vectors

The specific method used to compromise Feldman & Lopez has not been disclosed. However, ransomware incidents affecting law firms often originate from common access points.

  • Phishing emails targeting attorneys or staff
  • Compromised remote access or VPN credentials
  • Unpatched vulnerabilities in document management systems
  • Weak passwords or lack of multi factor authentication
  • Third party service providers with network access

Once access is gained, attackers often seek out centralized document repositories containing legal files.

The Feldman & Lopez data breach may have implications for both the firm and its clients. Clients could face increased risk of identity exposure, fraud, or reputational harm if legal documents are leaked.

Operationally, the firm may experience disruption to active cases while systems are investigated and secured. Delays in access to case files can affect litigation timelines and client service.

Trust is a foundational element of legal representation, and uncertainty surrounding a data breach can strain client relationships.

Regulatory and Ethical Considerations

If confirmed, the Feldman & Lopez data breach may raise regulatory and ethical issues related to attorney obligations to protect client information. Law firms are subject to professional responsibility standards governing confidentiality.

Depending on the nature of the exposed data, notification requirements under state data breach laws may apply. Firms may also need to notify affected clients and coordinate with legal and cybersecurity professionals.

Failure to adequately safeguard client data can result in disciplinary scrutiny, civil liability, and reputational damage.

Responding to the Feldman & Lopez data breach requires a careful and methodical approach.

  • Engage external cybersecurity and forensic specialists
  • Determine the scope of unauthorized access and data exposure
  • Secure affected systems and reset all credentials
  • Implement multi factor authentication across remote access points
  • Review access logs and file transfer activity
  • Notify affected clients as required by law and ethical rules
  • Enhance internal security controls and staff training

Clear communication with clients is essential to maintaining trust and reducing uncertainty.

Guidance for Affected Clients

Clients of Feldman & Lopez should remain alert for unusual communications referencing legal matters, settlements, or insurance claims.

  • Be cautious of unsolicited messages requesting personal or financial information
  • Verify any unexpected legal communications directly with known contacts
  • Monitor accounts and records for signs of misuse
  • Scan devices for malware using trusted tools such as Malwarebytes

Legal themed phishing attempts often increase following public reporting of law firm breaches.

The Feldman & Lopez data breach underscores the importance of cybersecurity preparedness within the legal sector. As firms increasingly digitize operations, the risks associated with unauthorized access continue to grow.

Ransomware groups view law firms as valuable targets due to the sensitive nature of legal data and the pressure to protect client confidentiality. Strengthening security controls and incident response planning is essential.

As additional information emerges regarding the Feldman & Lopez data breach, further details may become available about the scope of the incident and the measures taken to address it. Legal practices nationwide can use incidents like this as a reminder to reassess their cybersecurity posture and resilience.

Sean Doyle

Sean is a tech author and security researcher with more than 20 years of experience in cybersecurity, privacy, malware analysis, analytics, and online marketing. He focuses on clear reporting, deep technical investigation, and practical guidance that helps readers stay safe in a fast-moving digital landscape. His work continues to appear in respected publications, including articles written for Private Internet Access. Through Botcrawl and his ongoing cybersecurity coverage, Sean provides trusted insights on data breaches, malware threats, and online safety for individuals and businesses worldwide.

View all posts →

Related Posts

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.