A group of cybercriminals known for Clop ransomware operations leaked data stolen from the US-based law firm Jones Day on the Dark Web.
Jones Day is a high-profile American law firm that represented ex-US President Donald Trump in all his brushes with the law. It is the US’s tenth-largest firm in terms of gross revenues. Some of its clients include JPMorgan Chase & Co., Procter & Gamble Co., Alphabet Inc.’s Google, Walmart Inc., and McDonald’s.
Databreaches.net, which first reported the incident, claims that the group started leaking the data after Jones Day refused to respond to their ransom demand.
Group didn’t Confirm Targeting Accellion.
Jones Day spokesperson David Petrou claims that the group compromised the Accellion FTA file transfer platform to access its servers and didn’t penetrate its network.
However, the Wall Street Journal reports that the hackers have denied any such attempt and claim that they directly accessed Jones Day servers.
While the hackers told Databreaches.net that they hacked one of the servers associated with Accellion and took the data, they targeted other systems too.
The hackers also told Vice that they didn’t encrypt the Jones Day network after stealing the data.
The group owns a website on the Tor anonymity network and often targets organizations with ransomware and threatens to leak data if a ransom is not paid.
100 Gigabytes of Stolen Data
The hackers posted on the website that they have stolen around 100GB of files from Jones Day. The data includes emails and legal documents, one of which appears to be confidential. Some of the data is dated January 2021, while most of it is old.
As per The Wall Street Journal, the screenshots reveal a memo to a judge marked “confidential mediation brief,” and another is a “confidential” document cover letter. The stolen data’s authenticity is not yet verified, but the Journal confirmed that large files had been posted on Dark Web.
Second Major Law Firm to be Attacked
Jones Day becomes the second major law firm the private data of which was exposed in the past two weeks. The data exposure is suspected of a breach at Accellion that offers file transfer services to most law firms and other organizations.
Accellion posted a statement on its website, confirming that its 2-decades old File Transfer Appliance became the target of a “sophisticated cyberattack.”
The company’s spokesperson Robert Dougherty stated that they are conducting a full assessment of the data breach incident in collaboration with a leading cybersecurity forensics team.
“We will share more information once this assessment is complete. For their protection, we do not comment on specific customers,” Dougherty noted.