Hack on US file-transfer service provider compromises global firms

The hacker group posted documents that it attributed to one major firm

Hack on US file-transfer service provider compromises global firms

The hack on US file-transfer service provider Accellion has compromised the information of global firms Jones Day and Goodwin Procter, reported the American Bar Association Journal.

Goodwin Procter acknowledged a data breach earlier this month via an internal memo, which was released by Bloomberg Law. The firm’s managing partner, Mark Bettencourt, said in the memo that both clients and employees may have been affected by the breach, which Accellion informed the firm of on 22 January. Subsequently, the firm brought in a forensics expert to conduct an investigation.

The perpetrator of the attack was recently revealed to be a hacker with the alias of “Clop” when a site linked to the hacker unveiled documents that it said was from Jones Day. Clop told the Wall Street Journal in an email that it possessed over 100GB of the firm’s data, and that it had already contacted Jones Day to negotiate a ransom, although the communication attempt was unsuccessful.

Files posted include a memo to a judge and a cover letter pointing to confidential documents.

In a statement it released to publications like Law.com, Jones Day clarified that its own network had not been hacked.

“Jones Day’s network has not been breached. Nor has Jones Day been the subject of a ransomware attack. Jones Day has been informed that Accellion’s FTA file transfer platform, which is a platform that Jones Day – like many law firms, companies and organisations – used, was recently compromised and information taken,” the firm said.

Jones Day said that it was still investigating the data breach and remained in talks with clients who had been impacted by the attack, as well as with “appropriate authorities.” The American Bar Association Journal pointed out that former US President Donald Trump was among the global firm’s clients.

Allens was also revealed as a victim of the breach late last month. Emsisoft cybersecurity threat analyst Brett Callow told Above the Law that the breach put data from other organisations across the globe “at significant risk” of being published as well, with other Accellion users being the Reserve Bank of New Zealand and ASIC.

Hack attacks have made headlines in the legal industry over the past year, with Seyfarth Shaw and Grubman Shire Meiselas & Sacks being notable victims.   

Related stories

Free newsletter

Subscribe to our FREE newsletter service and we’ll keep you up-to-date with the latest breaking news, cutting edge opinion, and expert analysis affecting both your business and the industry as whole.

Please enter your email address below and click on Sign Up for daily newsletters from Australasian Lawyer.

Recent articles & video

Holding Redlich confirms role in $3bn super merger

Government announces counter-terrorism legislation

Lateral partner hires boost Ashurst's Asia offerings

Cornwalls adds migration offering after merger

NSW man faces charges after extremist online posts

Clifford Chance bolsters US securities law and debt offering with new partner in Hong Kong

Most Read Articles

Six make partner as Moray & Agnew looks ahead to 2022

Australian Unity Trustees' legal services head on making a difference as an elder law specialist

Baker McKenzie guides $729m renewables assets sale to Shell and ICG consortium

White & Case elevates six to counsel in Australia