Jones Day confirms 'limited' data breach following Silent Ransom Group phishing attack

International law firm Jones Day confirmed a limited data breach after being targeted by the Silent Ransom Group in a phishing attack. The breach represents the latest security incident affecting major law firms handling sensitive client data. Jones Day, one of the world's largest law firms with more than 2,500 attorneys across 18 countries, stated the breach was contained and affected only a limited subset of systems. The firm did not disclose specific details about what data may have been accessed. The Silent Ransom Group specializes in targeting professional services firms, particularly law firms and accounting practices. Unlike traditional ransomware operators who encrypt systems and demand payment for decryption keys, the group typically steals data and threatens public release unless ransom demands are met. Law firms face particular cybersecurity challenges due to the sensitive nature of client data they handle, including merger and acquisition documents, intellectual property, and litigation materials. Major firms have increasingly become targets for state-sponsored actors and criminal groups seeking economic intelligence or leverage. Jones Day said it has engaged cybersecurity experts and notified relevant authorities. The firm emphasized that it has no intention of paying any ransom demands related to the incident. The breach highlights ongoing vulnerabilities in the legal sector's cybersecurity practices despite increased investment following high-profile incidents at other major firms in recent years.