Delegal Poindexter & Underkofler, P.A. Data Breach

Alleged

Ransomware claim involving Delegal Poindexter & Underkofler, P.A.

Published: Jun 25, 2026 Morpheus
Threat Level
High
Confidence: High

Quick Summary

Alleged
Company
Delegal Poindexter & Underkofler, P.A.
Industry
Business Services
Threat Actor
Morpheus
Date of Incident
Jun 25, 2026

Executive Summary

Delegal Poindexter & Underkofler, P.A. was listed by the Morpheus ransomware group on their dark web leak portal on June 25, 2026. This information was surfaced by SOCRadar’s Dark Web Monitoring service. The organization operates in the business services sector. The listing indicates Morpheus’s recent activity, which has shown a pattern of targeting organizations across business services, financial services, and technology sectors, with victims previously identified in India and Denmark.

Technical Analysis

SOCRadar’s search of stealer-log telemetry did not return any records for Delegal Poindexter & Underkofler, P.A. on their primary corporate domain. This suggests that, within the analyzed data, there was no direct evidence of compromised credentials accessible via typical infostealer methods for this specific domain. However, the absence of evidence does not confirm the absence of risk, as credentials could exist on other domains, personal email aliases, or data feeds not covered in the specific query. The typical attack vector for ransomware groups like Morpheus involves obtaining stolen credentials from underground marketplaces to gain initial access through platforms like Microsoft 365, VPNs, or remote-access portals before deploying ransomware. Therefore, CTI teams are advised to continue monitoring and implement proactive credential hygiene measures rather than assuming a lack of risk based on a negative query result.