Jones Day Hit by Phishing Attack, Client Data Accessed in Breach Claimed by Cybercriminal Group Global law firm Jones Day confirmed a phishing attack in which hackers accessed files belonging to 10 clients, a breach later claimed by the cybercriminal group Silent. The incident, disclosed on Monday, involved unauthorized access to a limited set of dated client documents, according to a statement from spokesperson Dave Petrou. All affected clients have since been notified, though their identities remain undisclosed. Silent, a known extortion-focused threat group, listed Jones Day as a victim on its dark web leak site, taking credit for the attack. The firm, which has previously faced cybersecurity incidents including a 2021 breach with undisclosed details represents high-profile clients such as Goldman Sachs, McDonald’s, and General Motors. No further information on the scope of the compromised data or the timeline of the attack has been released. The incident underscores the persistent targeting of legal firms by cybercriminals seeking sensitive corporate information.

Goldman Sachs Alerts Fund Clients to Third-Party Law Firm Data Breach Goldman Sachs has notified its fund clients about a data breach affecting an external law firm, as reported by Bloomberg News. The incident underscores the growing risks of third-party vulnerabilities in financial services. While details remain limited, the breach appears to involve sensitive client information handled by the law firm, potentially exposing data tied to Goldman Sachs’ fund operations. The timing and scope of the exposure have not been disclosed, nor has the identity of the affected law firm. This incident highlights the cascading impact of supply chain attacks, where breaches at external partners can compromise even well-protected institutions. Financial firms increasingly rely on third-party vendors for legal, administrative, and technological services, amplifying the potential fallout from such incidents. As of now, no further public disclosures or regulatory filings have provided additional context. The breach serves as a reminder of the persistent threat posed by interconnected business ecosystems in the financial sector.