Back to Blog
high severity July 15, 2026 · scope unconfirmed

Shillen Mackall & Seldon Listed by dragonforce Ransomware Group

⚠ Were you caught in this breach?
Check your email against 15.4B+ leaked records in 15 seconds — free, no signup.
Scan my email — free → Instant · no account

Shillen Mackall Seldon Spicer & Fraas is a law firm dedicated to representing personal injury victims primarily in Vermont, New Hampshire, and Florida since 1980. They offer legal services for a wide range of personal injury cases, including car accidents, medical malpractice, and workers' compensation. The firm is committed to providing compassionate legal counsel and fighting for the rights of clients facing physical, emotional, and financial challenges after accidents. With a team of experienced attorneys, they strive to secure maximum compensation for their clients while ensuring a support

Shillen Mackall & Seldon Listed by dragonforce Ransomware Group
Severity High
Disclosed July 15, 2026
Affected Unconfirmed
Data exposed Internal files exfiltrated in ransomware attack

Shillen Mackall & Seldon was listed on the DragonForce ransomware leak site on July 15, 2026. The Vermont, New Hampshire, and Florida personal-injury law firm, which has represented clients since 1980, is the latest victim claimed in an active extortion campaign. Anyone who has been a client of the firm, or whose personal-injury case files may have passed through its systems, should assume their information is now in the hands of the attackers.

Confirmed Details from the Listing

The DragonForce leak site states that internal files were exfiltrated during a ransomware attack on Shillen Mackall Seldon Spicer & Fraas. The posting does not quantify how many records were taken, list specific data types, or disclose any ransom demand. It simply confirms that data was stolen and is being held for extortion. The firm has not yet issued a public client notification detailing the breach scope, so the exact volume and sensitivity of exposed information remain unknown to the public.

Why This Matters for You and Your Family

If you or a family member hired the firm after a car accident, workplace injury, or medical incident, sensitive details such as medical records, insurance information, financial data, and personal identifiers may have been taken. Internal files from a plaintiff’s law firm routinely contain full names, dates of birth, Social Security numbers, addresses, phone numbers, employment histories, and extensive medical histories. Exposure of this information creates immediate risk of identity theft, fraudulent loan applications, and targeted scams that reference your specific accident or injury. Because the breach involves a law firm, attorney-client communications and settlement documents could also be included, increasing the chance of embarrassment or further financial exploitation.

Doxxing and Identity-Chain Risks

Ransomware operators rarely stop at one dataset. Once personal details from the firm are released, they can be cross-referenced with other leaks to build complete identity profiles. A phone number taken from the law firm can link to your email, social-media handles, children’s school records, or even gaming accounts. These chains allow attackers to impersonate you, reset passwords on linked services, or sell the compiled dossier on dark-web marketplaces. The longer the data circulates, the harder it becomes to contain the damage.

DragonForce’s Known Track Record

Public reporting attributes DragonForce with emerging in late 2024 as a ransomware-as-a-service operation that provides tools and infrastructure to affiliate groups. The gang has claimed responsibility for attacks on healthcare providers, manufacturers, and professional-services firms. Their typical playbook begins with phishing or exploited remote-access credentials, followed by rapid lateral movement, data exfiltration, and then dual extortion: threatening both data publication and system encryption. The group maintains a leak site that is updated frequently, applying pressure through countdown timers and sample file releases. While the exact success rate is unclear, DragonForce listings have appeared alongside several other prominent ransomware names in recent months.

What to do

  • Run a DoxxScan to map every link between your handles, emails, phone numbers, and real identity, with no-subscription cleanup handled by the service.
  • Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next exposure surfaces in hours rather than months.
  • Rotate any password you ever used with Shillen Mackall & Seldon and enable 2FA through an authenticator app on every account where that password was reused.
  • Cover the entire household with DoxxScan family protection, which extends to dependents and children’s gaming accounts that often chain back to the same address and personal details.
  • Let remediation specialists manage takedown requests for any exposed personal information appearing on data-broker or extortion sites.

The incident underscores that even regional law firms handling sensitive personal-injury matters are now routine targets. Staying ahead requires more than reactive checks; it demands ongoing visibility into how your information travels across the internet. DoxxScan by GalaxyWarden delivers that visibility through continuous monitoring across 15.4 billion breach records and more than 100 platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and full household coverage that includes children’s gaming accounts vulnerable to credential-stuffing attacks that cascade from breaches like this one. Acting promptly limits what attackers can build from the Shillen Mackall & Seldon data before it spreads further.

Share this Post on X Reddit Email
Why this isn’t just another breach checker

A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.

Free checker Tells you the breach happened. End of story. You’re still on 800+ broker sites.
$129+/yr Broker-removal services scrub the address but don’t see the breach — next leak re-exposes you.
GalaxyWarden Maps the chain. Cleans both halves. $19 one-shot. Closed loop.

⚠ Were you in this breach?

Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.

Check my email — free →
Close the chain attack

Both halves of the chain, cleaned once.

A breach put your credentials in 15.4B+ leaked records. Hackers chain that data to your address on 800+ broker sites. GalaxyWarden closes both halves for $19 once — no subscription required.

Clean both halves — $19 →
Free breach scan + 800+ broker letters + 30-day proof · one payment, no subscription
W Warden Plus — ongoing monitoring $9.99/mo
Warden Plus ($9.99/mo or $99/yr): weekly re-scans, breach alerts, AI Concierge, auto re-files on relisted brokers.