Clop ransomware gang leaks Jones Day law firm data on dark web

A group of cybercriminals known for Clop ransomware operations leaked data stolen from the US-based law firm Jones Day on the Dark Web. 

Jones Day is a high-profile American law firm that represented ex-US President Donald Trump in all his brushes with the law. It is the US’s tenth-largest firm in terms of gross revenues. Some of its clients include JPMorgan Chase & Co., Procter & Gamble Co., Alphabet Inc.’s Google, Walmart Inc., and McDonald’s.

SEE: Pay $42m or Trump’s ‘dirty laundry’ goes online – REvil ransomware hackers

Databreaches.net, which first reported the incident, claims that the group started leaking the data after Jones Day refused to respond to their ransom demand. 

Group didn’t Confirm Targeting Accellion.

Jones Day spokesperson David Petrou claims that the group compromised the Accellion FTA file transfer platform to access its servers and didn’t penetrate its network.

However, the Wall Street Journal reports that the hackers have denied any such attempt and claim that they directly accessed Jones Day servers.

While the hackers told Databreaches.net that they hacked one of the servers associated with Accellion and took the data, they targeted other systems too. 

The hackers also told Vice that they didn’t encrypt the Jones Day network after stealing the data.

The group owns a website on the Tor anonymity network and often targets organizations with ransomware and threatens to leak data if a ransom is not paid.

100 Gigabytes of Stolen Data

The hackers posted on the website that they have stolen around 100GB of files from Jones Day. The data includes emails and legal documents, one of which appears to be confidential. Some of the data is dated January 2021, while most of it is old. 

Clop ransomware gang leak sensitive Jones Day files on dark web

Screenshot of the leaked data and one of the email conversations. (Image: Hackread.com)

 As per The Wall Street Journal, the screenshots reveal a memo to a judge marked “confidential mediation brief,” and another is a “confidential” document cover letter. The stolen data’s authenticity is not yet verified, but the Journal confirmed that large files had been posted on Dark Web.

Second Major Law Firm to be Attacked

Jones Day becomes the second major law firm the private data of which was exposed in the past two weeks. The data exposure is suspected of a breach at Accellion that offers file transfer services to most law firms and other organizations.

Accellion posted a statement on its website, confirming that its 2-decades old File Transfer Appliance became the target of a “sophisticated cyberattack.”

SEE: Clop ransomware operators leak 4.75 GB data on Indiabulls conglomerate

The company’s spokesperson Robert Dougherty stated that they are conducting a full assessment of the data breach incident in collaboration with a leading cybersecurity forensics team.

 “We will share more information once this assessment is complete. For their protection, we do not comment on specific customers,” Dougherty noted.

Did you enjoy reading this article? Don’t forget to like our page on Facebook and follow us on Twitter


Source: HackRead

Leave a Reply