Cyber Threat Actor: Oliver Glover
| Actor Type | Location | Known Incidents |
Criminal
|
United States of America
|
1 incident |
|---|
Profile
Oliver Glover, also known by thealias Oliver Glover, is a private investigator based in the United States of America who became publicly linked to a cyber intrusion targeting attorney‑client data. In April 2014 he admitted, alongside fellow investigator William Reynolds, to gaining unauthorized access to the servers of the law firm Reyes & Barsoum L.L.P. and downloading thousands of confidential files containing Social Security numbers, medical records, addresses, and privileged litigation documents of over 32,000 injured workers. The intrusion was carried out at the direction of three California‑based workers compensation insurers—Berkshire Hathaway Homestate, Cypress Insurance, and Zenith Insurance—who allegedly sought to obtain an advantage in claims disputes and lower settlement payouts. The breach was discovered when opposing counsel presented the unlawfully obtained documents during a workers compensation hearing, revealing that the stolen data had been stored on the HQSU Sign Up Services platform. A related class action lawsuit remains pending in federal court.
The incident illustrates Glover’s typical targeting of legal sector entities that hold sensitive personal information related to workers compensation claims, with a geographic focus on California where the insurers involved are headquartered. His strategic objective, as described in the lawsuit, was to facilitate financial benefit for the insurers by providing them with privileged information that could be used to weaken claimants’ positions. The tactics observed in this operation centered on unauthorized server access to exfiltrate large volumes of data; no specific malware families, custom tooling, or persistence mechanisms were referenced in the public reporting. Glover’s affiliation is limited to his role as a private investigator contracted by the workers compensation insurers, and no state sponsorship or broader criminal consortium has been publicly established in connection with his activities. This 2014 Reyes & Barsoum L.L.P. breach stands as the sole publicly documented campaign attributed to him, highlighting a pattern of illicit data acquisition aimed at influencing civil litigation outcomes.
