The hacker group posted documents that it attributed to one major firm
The hack on US file-transfer service provider Accellion has compromised the information of global firms Jones Day and Goodwin Procter, reported the American Bar Association Journal.
Goodwin Procter acknowledged a data breach earlier this month via an internal memo, which was released by Bloomberg Law. The firm’s managing partner, Mark Bettencourt, said in the memo that both clients and employees may have been affected by the breach, which Accellion informed the firm of on 22 January. Subsequently, the firm brought in a forensics expert to conduct an investigation.
The perpetrator of the attack was recently revealed to be a hacker with the alias of “Clop” when a site linked to the hacker unveiled documents that it said was from Jones Day. Clop told the Wall Street Journal in an email that it possessed over 100GB of the firm’s data, and that it had already contacted Jones Day to negotiate a ransom, although the communication attempt was unsuccessful.
Files posted include a memo to a judge and a cover letter pointing to confidential documents.
In a statement it released to publications like Law.com, Jones Day clarified that its own network had not been hacked.
“Jones Day’s network has not been breached. Nor has Jones Day been the subject of a ransomware attack. Jones Day has been informed that Accellion’s FTA file transfer platform, which is a platform that Jones Day – like many law firms, companies and organisations – used, was recently compromised and information taken,” the firm said.
Jones Day said that it was still investigating the data breach and remained in talks with clients who had been impacted by the attack, as well as with “appropriate authorities.” The American Bar Association Journal pointed out that former US President Donald Trump was among the global firm’s clients.
Allens was also revealed as a victim of the breach late last month. Emsisoft cybersecurity threat analyst Brett Callow told Above the Law that the breach put data from other organisations across the globe “at significant risk” of being published as well, with other Accellion users being the Reserve Bank of New Zealand and ASIC.
Hack attacks have made headlines in the legal industry over the past year, with Seyfarth Shaw and Grubman Shire Meiselas & Sacks being notable victims.