"Jones Day acknowledged that an 'unauthorised third party accessed a limited number of dated files for 10 clients' and that all affected clients have been notified. The attackers claimed they focused on the head of the firm's Federal Circuit team, supposedly referring to Greg Castanias."
"The attack has been attributed to the Silent Ransom Group, also known as Luna Moth, Chatty Spider, and UNC3753. According to an FBI alert last May, SRG has been targeting law firms specifically since 2023."
"SRG's M.O. is social engineering - phishing emails and phone calls impersonating IT staff - rather than sophisticated zero-day exploits. They just convince someone to give them remote access and then walk out with the data using off-the-shelf file transfer tools."
"The group published a file directory and screenshots of what appear to be negotiation chats between SRG and Jones Day representatives. According to reporting, the hackers demanded $13 million to keep quiet about the breach."
Jones Day confirmed a data breach involving unauthorized access to files for 10 clients, with all affected clients notified. The breach was attributed to the Silent Ransom Group, which has targeted law firms since 2023. The group uses social engineering tactics rather than sophisticated malware. They demanded $13 million from Jones Day to remain silent about the breach, but negotiations failed. The group threatened to publish the data and contact all employees and clients if their demands were not met.
Read at Above the Law
Unable to calculate read time
Collection
[
|
...
]