Jones Day hit by cyber attack linked to group targeting law firms

Jones Day has suffered a cyber security attack after hackers accessed files linked to a number of client matters.

In a statement, the US firm said it had experienced a phishing attack in which “an unauthorised third party accessed a limited number of dated files for 10 clients”. It said that all affected clients have been notified.

The incident is understood to be linked to the Silent Ransom Group, a cybercrime group that has been targeting law firms in recent years.

According to reports, the group has claimed responsibility for the attack and published a file directory and a screenshot of purported negotiations with Jones Day representatives.

The group is understood to have targeted Greg Castanias, a senior Washington-based partner who leads Jones Day’s Federal Circuit practice, according to Reuters.

Growing risk for law firms

Silent Ransom Group has been actively targeting law firms since at least 2023, with the FBI warning last year that the group uses social engineering tactics to gain access to firms, including impersonating IT staff and, in some cases, gaining physical access to offices to install malware.

Law firms have increasingly become targets for ransomware and data theft attacks because of the large volumes of sensitive client data they hold.

Before its merger, Allen & Overy was hit by an incident linked to the LockBit ransomware group in 2023. The firm was later removed from the group’s website, although the reason was never made public.

Jones Day has also previously been affected by cyber incidents. In 2021, it was among a number of companies impacted by a hack of file transfer software linked to a separate ransomware group.