Law firm reports phishing attack led to unauthorised access to client data
US-based law firm Jones Day has confirmed that hackers accessed client-related files following a cybersecurity incident involving a phishing attack.
The firm stated that an unauthorised third party gained access to a limited number of files affecting 10 clients. The breach came to light after materials were posted online by a group claiming responsibility for the attack.
According to a statement issued by the firm, the incident involved older files and did not affect a wider set of systems. All impacted clients have been notified, although the firm has not disclosed their identities or the specific nature of the files accessed.
The group, identifying itself as the Silent Ransom Group, reportedly published the data on its website on 30 March 2026. The organisation has been linked to previous cyber activity targeting the legal sector, which is often considered vulnerable due to the volume of sensitive and confidential information held by law firms.
The hackers claimed to have targeted an individual within the firm connected to cases before the US Court of Appeals for the Federal Circuit. However, no further details have been confirmed by the firm, and the individual named in the claim has declined to comment.
Cybersecurity agencies have previously warned that law firms are increasingly targeted by ransomware and phishing attacks. The legal sector’s involvement in high-value corporate transactions and litigation makes it a frequent focus for cybercriminals seeking sensitive data.
Jones Day, which employs around 2,400 lawyers, is known for representing major corporations and has been involved in high-profile legal matters. The firm has also previously reported being affected by a separate cyber incident involving a file-transfer vulnerability.
The latest incident follows a broader trend of cyber attacks on law firms. In 2025, another US firm, Williams & Connolly, disclosed that hackers had accessed parts of its IT systems, including some attorney email accounts. That firm stated at the time that there was no evidence of broader extraction of client data.
Authorities have highlighted phishing attacks as a common entry point for such breaches, often involving deceptive emails designed to gain access to internal systems.
The investigation into the Jones Day incident is ongoing, with no further details released about the scope of the breach or any potential impact beyond the identified clients.
Source: Reuters