Hack on US file-transfer service provider compromises global firms

The hacker group posted documents that it attributed to one major firm

Hack on US file-transfer service provider compromises global firms

The hack on US file-transfer service provider Accellion has compromised the information of global firms Jones Day and Goodwin Procter, reported the American Bar Association Journal.

Goodwin Procter acknowledged a data breach earlier this month via an internal memo, which was released by Bloomberg Law. The firm’s managing partner, Mark Bettencourt, said in the memo that both clients and employees may have been affected by the breach, which Accellion informed the firm of on 22 January. Subsequently, the firm brought in a forensics expert to conduct an investigation.

The perpetrator of the attack was recently revealed to be a hacker with the alias of “Clop” when a site linked to the hacker unveiled documents that it said was from Jones Day. Clop told the Wall Street Journal in an email that it possessed over 100GB of the firm’s data, and that it had already contacted Jones Day to negotiate a ransom, although the communication attempt was unsuccessful.

Files posted include a memo to a judge and a cover letter pointing to confidential documents.

In a statement it released to publications like Law.com, Jones Day clarified that its own network had not been hacked.

“Jones Day’s network has not been breached. Nor has Jones Day been the subject of a ransomware attack. Jones Day has been informed that Accellion’s FTA file transfer platform, which is a platform that Jones Day – like many law firms, companies and organisations – used, was recently compromised and information taken,” the firm said.

Jones Day said that it was still investigating the data breach and remained in talks with clients who had been impacted by the attack, as well as with “appropriate authorities.” The American Bar Association Journal pointed out that former US President Donald Trump was among the global firm’s clients.

Allens was also revealed as a victim of the breach late last month. Emsisoft cybersecurity threat analyst Brett Callow told Above the Law that the breach put data from other organisations across the globe “at significant risk” of being published as well, with other Accellion users being the Reserve Bank of New Zealand and ASIC.

Hack attacks have made headlines in the legal industry over the past year, with Seyfarth Shaw and Grubman Shire Meiselas & Sacks being notable victims.   

Related stories

Free newsletter

Subscribe to our FREE newsletter service and we’ll keep you up-to-date with the latest breaking news, cutting edge opinion, and expert analysis affecting both your business and the industry as whole.

Please enter your email address below and click on Sign Up for daily newsletters from Australasian Lawyer.

Recent articles & video

Minneapolis ex-cop found guilty in George Floyd murder

The cream of the crop in Australia’s insurance law industry unveiled

NRF acts on landmark $3.8bn property transaction

Squire Patton Boggs adds corporate partner in Sydney

Coalition of law firms launch initiative to tackle growing violence against Asians in the US

James & Wells launches Melbourne offering with ICT vet

Most Read Articles

Greenwoods & Herbert Smith Freehills welcomes new projects and infrastructure head

Sydney lawyer among 30 elevated to partner in Allen & Overy’s global promotion round

Gilchrist Connell special counsel was playing lawyer as a kid on a farm

Dentons Australia beefs up IPT team with ex-HSF partner