Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

Nationwide Legal LLC

nationwidelegal.com
Group Medusa
Discovered 2025-11-21 18:43 UTC
Est. attack date 2025-11-17
Country US
Duplicate Entry
This victim has been identified as a duplicate of another entry in our database. However, this may not always be the case: the same organization can be targeted multiple times by the same or different ransomware groups, which may result in separate legitimate entries. Search for related entries

Description:

Nationwide Legal LLC is a leading litigation support and legal services company based in Los Angeles, California, serving clients across the United States. The company provides a wide range of professional services, including process serving, e-filing, court reporting, document duplication, investigations, and subpoena preparation. With the motto “where technology meets experience,” Nationwide Legal focuses on combining advanced digital solutions with decades of industry expertise to ensure accuracy, speed, and reliability in every task. The company supports law firms, corporations, and government agencies by streamlining legal processes and improving overall efficiency in complex litigation workflows. company is headquartered in The headquarters address of Nationwide Legal LLC is 1609 James M Wood Blvd, Los Angeles, CA 90015, United States. 501-1,000 Employees
Infostealer activity detected by HudsonRock

Compromised Employees: 9

Compromised Users: 4

Third Party Employee Credentials: 9

External Attack Surface: 9

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusegodaddy.com
MX Records
  • nationwidelegalllc-mx1.titanhq.com.
TXT Records
  • k7b29vz6587ghn7wc2yktf5qj67mvq8t
  • MS=ms96863008
  • _yf8w4fuzinqywos6ieo7bhiujgdnafd
  • v=spf1 include:spf.protection.outlook.com -all
  • bw=UGRQhVdTH8Kq4Nbe2MM9zMcprzieVK6DQX1WG03vdgl2
  • brevo-code:a9ab33988974ba88b15a21ecdcf3710b
  • _dbgpf33dma5qyb1jlyph8v3rrxvxsgn
  • google-site-verification=8NXarMZzqRCjlkA2DpAxSabHBcQd2mULmiIa5YrPG8c
  • _wl88vlh5v5fco3bbtih7t86zvmiczav
  • _7ntmgckqbzrco7hpfotqgeywqndkd0r
  • jg0whgv9ctplwv201x784jb2cnsb4csw
  • _axqnv9yff9ss0utlku1icyi5j3dhkbf
  • \009_iwo0vrc11b4wlnqhegptuy9s0htf1o6
Cloud / SaaS Services Detected
Microsoft 365

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.