Jones Day is hit by vendor data breach; hackers post files they claim were stolen from the law firm

  • Print

data breach

Image from

A hacking group has posted files that it claims to be from Jones Day after the law firm was hit by a data breach at one of its vendors.

Jones Day is the second law firm to acknowledge that it was affected by the hack of a file transfer vendor, Accellion. Goodwin Procter revealed in an internal memo earlier this month that some client information may have been accessed in a breach of an unnamed vendor, later identified as Accellion., Law360, Above the Law, the Wall Street Journal and Bloomberg Law have coverage.

Former President Donald Trump is among Jones Day’s clients.

A website linked to a hacker known as Clop has posted some documents said to be from Jones Day. One is a memo to a judge labeled a “confidential mediation brief,” according to the Wall Street Journal. Another is a cover letter for “confidential documents.” Above the Law described the posted material as “relatively mundane.”

The Wall Street Journal contacted Clop through a blog email. The hacker claimed to have more than 100 gigabytes of data and said Jones Day has been contacted for ransom negotiations to no avail.

Jones Day denied that its own network had been hacked and said the vendor hack was not a ransomware attack. Here is its statement, provided to and other publications:

“Jones Day’s network has not been breached. Nor has Jones Day been the subject of a ransomware attack. Jones Day has been informed that Accellion’s FTA file transfer platform, which is a platform that Jones Day—like many law firms, companies and organizations—used, was recently compromised and information taken. Jones Day continues to investigate the breach and has been, and will continue to be, in discussion with affected clients and appropriate authorities.” previously called all the law firm clients listed on the Accellion website to see whether others were affected. None acknowledged an impact.

Give us feedback, share a story tip or update, or report an error.