No need to hack when it’s leaking: Dalbir Singh & Associates law firm edition

A misconfigured Amazon S3 bucket owned by Dalbir Singh & Associates exposed more than 110,000 client files; after repeated ignored disclosure attempts the bucket was briefly secured but later re-exposed and the data surfaced on KillSec's dark-web leak site, suggesting active extortion. DataBreaches alerted authorities and the firm but there is no public notice from the firm regarding the incident.