Schlenker and Cantwell, P.A. Listed by Deadlock Ransomware Group
Schlenker & Cantwell, P.A. is a certified public accounting firm based in the USA, offering services such as tax preparation and planning, auditing and assurance, bookkeeping, payroll, financial reporting, consulting, and estate-trust management.
On July 10, 2026, the ransomware group Deadlock added Schlenker and Cantwell, P.A. to its public leak site after the certified public accounting firm failed to meet the attackers’ demands. The firm, which provides tax preparation, auditing, bookkeeping, payroll, financial reporting, estate planning, and related services to individuals and families across the United States, had internal files exfiltrated in the attack. Public reporting indicates that the number of people whose personal and financial records were taken remains unknown.
Confirmed Details of the Breach
Available reporting describes the incident as a classic ransomware operation: initial access, data theft, followed by an extortion demand. Deadlock posted proof of the exfiltration on its leak site, hosted via a SwissTransfer link. The exposed material consists of internal files belonging to the accounting practice. No confirmed total of affected clients has been released, and the precise date of initial compromise has not been disclosed by the firm or the attackers.
Schlenker and Cantwell has not yet issued a public statement detailing what specific records were taken. In similar incidents, accounting firms typically hold Social Security numbers, tax returns, bank account details, income statements, addresses, and phone numbers for clients and their dependents.
Why This Matters for You and Your Family
When an accounting firm that prepares your taxes or manages your family’s financial paperwork is breached, the data stolen is among the most sensitive you entrust to anyone. Tax returns, Social Security numbers, and bank details can be used to file fraudulent returns, open accounts in your name, or impersonate you with government agencies. Because many families use the same accountant for years, a single breach can expose multiple generations at once.
Even if your name has not yet appeared on a leak site, the information may already be circulating among criminals who buy and sell stolen records. The longer you wait to act, the higher the chance that quiet misuse turns into identity theft, unexpected tax bills, or fraudulent loans taken out in your name.
The Doxxing and Identity-Chain Risks
Stolen tax and financial documents rarely stay isolated. Attackers routinely cross-reference names, addresses, and phone numbers with usernames found in earlier breaches. This creates an identity chain that links your professional records to personal email accounts, social-media handles, and even your children’s online gaming profiles. Once the chain is built, doxxing becomes straightforward: one leak reveals where you live, another shows your children’s usernames, and a third supplies the passwords reused across those accounts.
Credential leaks like this one cascade into account takeovers. A password lifted from an accounting portal can unlock an email account, which then grants access to password-reset links for banking, government services, and gaming platforms. Children’s gaming accounts are especially vulnerable because they often share the same family email or phone number listed on tax forms.
Deadlock Ransomware Group’s Track Record
Public reporting attributes the attack to the Deadlock ransomware group. The gang emerged in late 2024 and has since targeted dozens of organizations, primarily in the United States and Europe. Notable prior victims include mid-sized law firms, manufacturers, and professional service providers. Their typical playbook involves stealing sensitive files before encrypting systems, then pressuring victims with a short deadline and the threat of publishing the data on their leak site. Extortion demands usually focus on both ransom payment and a separate “negotiation” fee to prevent release of the stolen documents.
What to do
- Run a DoxxScan to map every link between your emails, phone numbers, addresses, and online handles that may have been exposed in the Schlenker and Cantwell breach.
- Rotate any password you used at the accounting firm anywhere else it appears, and switch to a hardware key or authenticator app for 2FA instead of SMS.
- Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next leak that touches your family is caught and acted on within hours.
- Cover the household with DoxxScan family protection that includes dependents and children’s gaming accounts, which frequently chain back to the same addresses and contact details used in tax filings.
- Let DoxxScan remediation specialists handle takedown requests across data brokers and leak sites on your behalf while you focus on securing your own accounts.
The incident shows that even trusted local professionals can become gateways to identity theft and doxxing campaigns. Acting quickly on the credentials and documents already exposed can limit the damage before criminals stitch together the full picture of your family’s digital life. Start your DoxxScan trial today and combine continuous monitoring, identity-chain mapping, and hands-on specialist remediation to protect every member of your household.
Related breaches
Expresokna Sp. Z O.O. Listed by Deadlock Ransomware Group
EXPRESOKNA SP. Z O.O. a Polish manufacturer and distributor specializing in window and door systems.…
NXIT and Franco Vago S.p.a. and Traconf Srl Listed by Deadlock Ransomware Group
The leaked files will be available for download on May 15, 2026. Nippon Express Italia SpA (NXIT) is…
DOCTUS USA Inc Listed by Deadlock Ransomware Group
Doctus offers top-tier medical records services in the USA, specializing in the management and organ…
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →