Law Firm Jones Day Files Stolen, Leaked on the Dark Web

Jones Day, the law firm that represented Donald Trump, recently suffered a data breach in December 2020, reported DataBreaches.net. The attack was conducted by Clop, a ransomware gang that attacked Accellion FTA, a file transfer service.

Jones Day has handled high-profile clients including former president Trump during his appeals to overturn the results of the 2020 election.

Clop, the group responsible for the Accellion FTA breach that affected other law firms, said that the posted database is from Jones Day. The group posted some screenshots of the files included in the archive to prove that the database is indeed from Jones Day.

Jones Day Files Stolen Leaked on the Dark Web

DataBreaches.net noted that the law firm is yet to release a statement to verify the legitimacy of the files. However, lack of action from the firm has prompted the attackers to dump more data on the dark web.

An additional 100 gigabytes of files composed of 70% zip and 7z files have been uploaded by the attackers. They also doubled down on the pressure and threats.

DataBreaches.net reached out to the company twice but did not receive any response. The report also remarked that no statements regarding any interruptions were divulged on their website. Regardless, the files claimed to be from the firm are “from verifiable cases.”

Meanwhile, Threat Post reported a statement by the firm saying that the breach was not a result of a direct hack but an attack on a third-party service provider, said Threat Post. This is despite the hackers claiming that they directly attacked the firm’s servers.

Jones Day uses Accellion FTA, which allows customers to transfer large, sensitive files from one enterprise to another.

The possibility of using other vulnerabilities was brought up by Tripwire senior director of security research Lamar Bailey.

According to Bailey, “If Jones Day releases the results of the investigation that is still ongoing, that should point to the cause. It is possible that the attacker is current, and Jones Day has not found the root cause yet but that remains to be proven.”

Bailey noted that immediate action and mitigation are needed in order to address the situation and prevent further damage.

Meanwhile, experts expect to find more victims of the Accellion breach. Other law companies affected by the Accellion FTA attacks include Goodwin Procter LLP. Other companies compromised in this incident are Singtel and Optus, both telecom companies.