Industry - Data Breach
Executive Summary
Jones Day, a top-ranked U.S. law firm, confirmed a data breach affecting 10 clients after the Silent Ransom Group gained access through a phishing attack and posted stolen files to the dark web on March 30. The hackers demanded $13 million and threatened to publish all data, contact employees and clients, and resume attacks if the firm did not respond by their deadline. All affected clients have been notified of the breach, which targeted a senior member of the firm's Federal Circuit legal team.
What Happened
Jones Day, a leading U.S. law firm, suffered a data breach after the Silent Ransom Group gained access to limited files for 10 clients through a phishing attack targeting a senior member of the firm's Federal Circuit legal team. The hackers posted stolen data to the dark web on March 30, 2026, and demanded $13 million in ransom. According to leaked negotiation screenshots, the threat actors warned they would publish all data, contact employees and clients, and resume attacks if the firm did not respond by their March 28 deadline.
Who Is Affected
Ten clients of Jones Day are directly affected by the exposure of their confidential legal files. The breach specifically targeted materials related to Greg Castanias, who leads the firm's Federal Circuit appellate practice. All affected clients have been notified of the incident by the firm.
Why It Matters
This incident highlights the ongoing targeting of law firms by ransomware groups, who seek highly sensitive legal data that can be leveraged for extortion. The FBI has warned since 2023 that Silent Ransom Group specifically targets law firms due to the confidential nature of attorney-client communications and case materials. This is Jones Day's second confirmed data breach, following a previous incident involving the Accellion file transfer vulnerability, demonstrating that even sophisticated organizations remain vulnerable to phishing attacks and repeat compromises.
What You Should Do
If you are a client of Jones Day, contact the firm directly to confirm whether your data was affected and request specific details about what information may have been exposed. Monitor your accounts and communications for suspicious activity, as threat actors may attempt to use leaked information for targeted phishing or social engineering attacks. If you work with any law firm, verify that they have robust email security training and phishing defenses in place, and consider asking about their incident response procedures and cyber insurance coverage.
Summary generated from verified sources and reviewed before publication. How we summarize.
Sources
- Jones Day confirms limited breach after phishing attack by Silent Ransom Group
- Data breach exposes Jones Day client files after ransomware threat - The Lawyer
- Jones Day data breach exposed files tied to 10 client matters - Beinsure
- Silent Ransom Group Reveals Hacked Jones Day Data - Crowdfund Insider
- Watson Clinic $10 Million Data Breach Settlement Gets Final Nod - Bloomberg Law News
- China supercomputing hub hit by massive, alleged data breach - Computing UK
- China supercomputing hub allegedly hit by massive data breach - Jang
- HK: Man arrested over stolen patient personal data
- Iowa AG files lawsuit against Change Healthcare over 2024 data breach
- Capita’s troubled Civil Service Pension Scheme hit by data breach - Computer Weekly
- China Data Breach: 10PB Stolen from Tianjin Supercomputer - WION
- China's supercomputing centre may have suffered major data breach: Report - Business Standard
- China Hit by 10PB Data Breach at Supercomputing Center - SQ Magazine
- Hackers demand thousands in crypto for peek at alleged China data breach - Yahoo Tech
- Chinese Supercomputer Allegedly Hacked, 10 Petabytes of Data Stolen - Security Magazine
- $10B AI Startup Mercor Bleeds Customers After Data Breach - The Tech Buzz
- A hacker has allegedly breached one of China’s supercomputers and is attempting to sell a trove of stolen data
- $10B AI Startup Mercor Bleeds Customers After Data Breach - The Tech Buzz
- China supercomputer breach: 10 petabytes of military data allegedly stolen by ‘FlamingChina’ - SC Media
- After data breach, $10B-valued startup Mercor is having a month - TechCrunch
- China’s Tianjin Supercomputing Center Hit in Alleged 10-Petabyte Data Breach - Vision Times
- February 2026 Healthcare Data Breach Report - The HIPAA Journal
- China supercomputer breach: 10 petabytes of military data allegedly stolen by ‘FlamingChina’ - SC Media