Back to Blog
high severity June 18, 2026 · scope unconfirmed

Burris MacOmber Listed by thegentlemen Ransomware Group

***.com zoominfo.com/c/burris--macomber-pllc/368834075 Burris & MacOmber, PLLC is a reputable law firm based in Tucson, Arizona, recognized for its commitment to excellence and integrity in legal practice. The firm provides a comprehensive range of services, including civil litigation, international business law, real estate transactions, and estate planning. Backed by a team of experienced attorneys and knowledgeable support staff, they deliver tailored legal solutions to effectively meet their clients' diverse needs

⚠ Were you affected?
Free email scanner — we check your address against 15.4B+ leaked records in 15 seconds.
Run free scan →
Severity High
Disclosed June 18, 2026
Affected Unconfirmed
Data exposed Internal files exfiltrated in ransomware attack

On June 18, 2026, Burris & MacOmber PLLC, a Tucson, Arizona law firm specializing in civil litigation, international business law, real estate, and estate planning, appeared on the leak site of the ransomware group known as The Gentlemen. Public reporting indicates the firm’s internal files were exfiltrated during a ransomware attack, with the data now publicly listed for anyone to access.

Confirmed Details of the Incident

Available reporting describes the listing on the group’s leak platform, hosted via ransomware.live at the URL tied to the firm’s name. The exposed material consists of internal files taken during the intrusion. The number of people whose information appears in the files remains unknown, as does the precise volume and sensitivity of every document. No confirmed timeline for the initial breach has been published beyond the June 18 leak date.

Why This Matters for You and Your Family

When a law firm’s internal records are dumped online, the people named in those files—clients, counterparties, employees, and their families—can face immediate risks. Legal documents often contain full names, addresses, dates of birth, Social Security numbers, financial details, and case notes. Once that information is loose on the internet, it never truly disappears. You or your family could see it surface in identity-theft attempts, insurance fraud, or targeted scams months or years later. Even if you never hired this specific firm, shared vendors, court records, or family connections can still place your data inside documents that now sit on a ransomware leak site.

The Doxxing and Identity-Chain Risks

A single breach rarely stays isolated. Attackers and opportunistic criminals combine the newly released files with data from earlier leaks to build detailed profiles. An email from one breach links to a phone number from another; a child’s gaming username ties back to a parent’s address listed in estate-planning paperwork. These identity chains let criminals move from simple identity theft to full doxxing—publishing your home address, children’s names and schools, or photos—often as leverage for extortion or harassment. Credential leaks like this one frequently cascade into account takeovers on email, banking, and gaming platforms.

The Gentlemen’s Publicly Known Track Record

Public reporting attributes the attack to The Gentlemen ransomware group. The group emerged in recent years and has targeted organizations across multiple sectors by gaining initial access, exfiltrating sensitive data, and then publishing samples on their leak site when victims do not pay. Their typical playbook combines ransomware encryption with public shaming through data dumps, a pattern seen in prior incidents listed on ransomware tracking sites. Exact details of every past victim remain subject to ongoing verification, but the group’s focus on exposing stolen files to pressure payment is well documented in available reporting.

What to do

  • Run a DoxxScan to map every link between your emails, phone numbers, usernames, and real-world identity so you can see exactly what this leak connects to.
  • Rotate any password used at Burris & MacOmber or shared with the exposed systems, then enable 2FA through an authenticator app rather than text messages.
  • Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next time your information appears it is caught and addressed within hours, not months.
  • Cover the household with DoxxScan family protection that extends to dependents and children’s gaming accounts, which often become entry points when parent data is already public.
  • Let remediation specialists handle takedown requests and broker removals for you instead of attempting manual outreach that can take hundreds of hours.

The incident shows how quickly professional data can become public and how those files can chain together with other leaks to expose ordinary families. Starting with a clear map of your digital footprint and maintaining continuous oversight gives you the best chance of staying ahead of the next breach. DoxxScan by GalaxyWarden delivers that continuous monitoring across 15.4B+ breach records and 100+ platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and full household coverage including children’s gaming accounts.

Share this Post on X Reddit Email
Why this isn’t just another breach checker

A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.

Free checker Tells you the breach happened. End of story. You’re still on 800+ broker sites.
$129+/yr Broker-removal services scrub the address but don’t see the breach — next leak re-exposes you.
GalaxyWarden Maps the chain. Cleans both halves. $19 one-shot. Closed loop.

⚠ Were you in this breach?

Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.

Check my email — free →
Close the chain attack

Both halves of the chain, cleaned once.

A breach put your credentials in 15.4B+ leaked records. Hackers chain that data to your address on 800+ broker sites. GalaxyWarden closes both halves for $19 once — no subscription required.

Clean both halves — $19 →
Free breach scan + 800+ broker letters + 30-day proof · one payment, no subscription
W Warden Plus — ongoing monitoring $9.99/mo
Warden Plus ($9.99/mo or $99/yr): weekly re-scans, breach alerts, AI Concierge, auto re-files on relisted brokers.