Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Jones Day

Jones Day Vendor Cyber Rating & Cyber Score

jonesday.com

With its singular tradition and widely recognized record of client service, Jones Day provides formidable legal talent across multiple disciplines and jurisdictions through the seamless collaboration of a true partnership that shares fundamental professional values. Jones Day has more than 2,500 lawyers in 40 offices located in major centers of business and finance across five continents. The content of this page is intended to convey general information about Jones Day. It should not be relied upon as legal advice. It is not an offer to represent you, nor is it intended to create an attorney-client relationship. Jones Day does not sponsor, endorse, verify, or warrant the accuracy of the information found at external sites or subsequent


Jones Day A.I CyberSecurity Scoring

Jones Day
Company Information
Website:http://www.jonesday.com
Employees number:6,333
Number of followers:127,186
NAICS:54111
Industry Type:Law Practice
Homepage:jonesday.com
Jones Day Risk Score (AI oriented)
Between 0 and 549
logo
Jones DayLaw Practice
Updated:
09/06/2026
472/1000
Critical
C
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Jones Day Global Score (TPRM)
xxxx
logo
Jones DayLaw Practice
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Jones Day
Jones DayCritical
Current Score
472C (CRITICAL)
01000
6 incidents
-99 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
479Before Incident
JUNE 2026
472Before Incident
MAY 2026
523Before Incident
Breach
01 May 2026Jones Day
Bryan Cave Leighton Paisner, Jones Day and Fox Rothschild: Law firm Fox Rothschild hit with class action over data breach

Fox Rothschild Data Breach and Class Action Lawsuit

463After Incident
CRITICAL-60
JONBRYFOX1781043906
U.S. Law Firm Fox Rothschild Hit with Class Action Lawsuit Over Data Breach A proposed class action lawsuit was filed against U.S. law firm Fox Rothschild on June 9, alleging the firm failed to protect sensitive personal data, including names and Social Security numbers, in a May breach. The attack was attributed to the Silent Ransom Group, a cybercriminal collective that has targeted law firms since 2023, according to the FBI. The lawsuit was initiated by Jasmine Trotter, a Georgia resident whose data was held by Fox Rothschild in connection with an unspecified legal matter. Trotter claims the firm did not notify affected individuals and neglected to implement adequate security measures. She estimates thousands of potential class members may have been impacted. Fox Rothschild’s chief AI and information security officer, Mark McCreary, stated that the breach stemmed from a "sophisticated social engineering event" targeting a single attorney, compromising only one device. He asserted that the firm’s security protocols contained the incident’s scope and that notifications would be issued as required by law. The Silent Ransom Group has previously claimed responsibility for breaches at other major law firms, including Jones Day, which represented former President Donald Trump in election-related cases. Law firms have increasingly faced litigation over cybersecurity failures, with some such as Gunster Yoakley & Stewart, Orrick Herrington & Sutcliffe, and Bryan Cave Leighton Paisner settling similar cases in recent years.
INCIDENT DETAILS -
TYPE
Data Breach
MOTIVATION
Financial Gain
IMPACT
Data Compromised: Sensitive personal data, including names and Social Security numbersSystems Affected: One deviceBrand Reputation Impact: Potential reputational damage due to lawsuit and breachLegal Liabilities: Class action lawsuit filedIdentity Theft Risk: High (Social Security numbers exposed)
DATA BREACH
NamesSocial Security numbersSensitivity Of Data: HighPersonally Identifiable Information: Yes
APRIL 2026
695Before Incident
Ransomware
07 Apr 2026Jones Day
Jones Day: Data breach exposes Jones Day client files after ransomware threat

Jones Day Hit by Ransomware Attack, Exposing Client Files

518After Incident
CRITICAL-177
JON1775558587
Jones Day Hit by Ransomware Attack, Exposing Client Files Global law firm Jones Day has suffered a data breach following a ransomware attack, resulting in the exposure of sensitive client files. The incident underscores the growing cybersecurity risks facing legal organizations, which handle highly confidential information. While details remain limited, the breach highlights the persistent threat of ransomware targeting high-profile firms. Legal industry analysts note that such attacks can lead to severe reputational damage, regulatory scrutiny, and potential legal liabilities for affected organizations. The timing and full scope of the breach have not been disclosed, but the incident serves as a reminder of the critical need for robust cybersecurity measures in the legal sector. Further developments are expected as the investigation progresses.
INCIDENT DETAILS -
TYPE
Ransomware
IMPACT
Data Compromised: Sensitive client filesBrand Reputation Impact: Severe reputational damageLegal Liabilities: Potential legal liabilities
DATA BREACH
Type Of Data Compromised: Sensitive client filesSensitivity Of Data: Highly confidential
Vulnerability
07 Apr 2026Jones Day
Accellion and Jones Day: Jones Day Faces Cybersecurity Scrutiny After Client Data Breach

Jones Day Breach Exposes Client Data via Third-Party File Transfer Platform

518After Incident
CRITICAL-177
JONAMA1775623588
Jones Day Breach Exposes Client Data via Third-Party File Transfer Platform Global law firm Jones Day is under regulatory scrutiny after hackers accessed gigabytes of sensitive client data and internal communications through a breach of the Accellion file transfer platform a third-party service the firm used for secure file sharing. The incident did not compromise Jones Day’s primary internal network but instead exploited vulnerabilities in the external vendor’s system. The U.S. Securities and Exchange Commission (SEC) is now investigating, requesting client names to assess whether material nonpublic information was exposed. A prior court ruling in a similar case affirmed the SEC’s authority to demand client identities in cyber investigations, though it limited disclosure to a subset of affected parties. Jones Day is actively investigating the breach and notifying impacted clients. The firm’s client roster includes major corporations, raising concerns about the potential exposure of confidential legal and business data. The breach underscores the risks of third-party vendor dependencies, as even organizations with secure internal systems can face regulatory, legal, and reputational fallout from a compromised external platform. The incident highlights the need for robust vendor risk management, particularly for services handling sensitive data.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Gigabytes of sensitive client data and internal communicationsSystems Affected: Accellion file transfer platform (third-party service)Brand Reputation Impact: Regulatory, legal, and reputational fallout
DATA BREACH
Type Of Data Compromised: Sensitive client data and internal communicationsSensitivity Of Data: Confidential legal and business data
APRIL 2026
705Before Incident
Breach
01 Apr 2026Jones Day
Goldman Sachs, McDonald’s, Jones Day and General Motors: Jones Day shares client data breach affecting 10 firms

Jones Day Hit by Phishing Attack, Client Data Accessed in Breach Claimed by Cybercriminal Group

645After Incident
CRITICAL-60
JONGENMCDGOL1775507547
Jones Day Hit by Phishing Attack, Client Data Accessed in Breach Claimed by Cybercriminal Group Global law firm Jones Day confirmed a phishing attack in which hackers accessed files belonging to 10 clients, a breach later claimed by the cybercriminal group Silent. The incident, disclosed on Monday, involved unauthorized access to a limited set of dated client documents, according to a statement from spokesperson Dave Petrou. All affected clients have since been notified, though their identities remain undisclosed. Silent, a known extortion-focused threat group, listed Jones Day as a victim on its dark web leak site, taking credit for the attack. The firm, which has previously faced cybersecurity incidents including a 2021 breach with undisclosed details represents high-profile clients such as Goldman Sachs, McDonald’s, and General Motors. No further information on the scope of the compromised data or the timeline of the attack has been released. The incident underscores the persistent targeting of legal firms by cybercriminals seeking sensitive corporate information.
INCIDENT DETAILS -
TYPE
Phishing Attack
MOTIVATION
Extortion
IMPACT
Data Compromised: Client documents
DATA BREACH
Type Of Data Compromised: Client documentsSensitivity Of Data: Sensitive corporate information
MARCH 2026
705Before Incident
FEBRUARY 2026
704Before Incident
JANUARY 2026
702Before Incident
DECEMBER 2025
753Before Incident
NOVEMBER 2025
699Before Incident
OCTOBER 2025
698Before Incident
SEPTEMBER 2025
697Before Incident
AUGUST 2025
695Before Incident
JANUARY 2023
734Before Incident
Ransomware
01 Jan 2023Jones Day
Jones Day and Allen & Overy: Jones Day hit by cyber attack linked to group targeting law firms

Jones Day Hit by Cyberattack Linked to Silent Ransom Group

629After Incident
CRITICAL-105
JONALL1775551567
Jones Day Hit by Cyberattack Linked to Silent Ransom Group Jones Day, a prominent U.S. law firm, recently disclosed a cyberattack in which an unauthorized third party accessed dated files related to 10 client matters. All affected clients have been notified. The incident is believed to be tied to the Silent Ransom Group, a cybercrime collective known for targeting law firms since at least 2023. The group employs social engineering tactics, including impersonating IT staff and, in some cases, gaining physical access to offices to deploy malware. Reports indicate the hackers claimed responsibility for the attack, publishing a file directory and screenshots of alleged negotiations with Jones Day representatives. The breach reportedly focused on Greg Castanias, a senior Washington-based partner leading the firm’s Federal Circuit practice. This attack follows a pattern of escalating threats against law firms, which are frequent targets due to the sensitive client data they handle. Jones Day has previously faced cyber incidents, including a 2021 breach linked to a file transfer software hack. Additionally, Allen & Overy, now merged, was compromised in a 2023 LockBit ransomware attack, though the firm was later removed from the group’s leak site without public explanation. The latest breach underscores the persistent risks law firms face from sophisticated cybercriminal operations.
INCIDENT DETAILS -
TYPE
Cyberattack
IMPACT
Data Compromised: Dated files related to 10 client matters
DATA BREACH
Type Of Data Compromised: Client filesSensitivity Of Data: Sensitive client data
FEBRUARY 2021
769Before Incident
Breach
01 Feb 2021Jones Day
Jones Day

Data Breach at Jones Day via Accellion Vendor

713After Incident
CRITICAL-56
JON2493622
The client data of Jones Day was obtained by the hacking group Clop after a third-party vendor Accellion suffered a cyber attack. The hackers also uploaded gigabytes of the stolen highly sensitive data on the dark web in an attempt to export the payment. The firm along with the Accellion investigated the data security incident.
INCIDENT DETAILS -
TYPE
Data Breach
MOTIVATION
Extortion
IMPACT
Data Compromised: Client Data
DATA BREACH
Type Of Data Compromised: Client DataSensitivity Of Data: Highly Sensitive

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Jones Day ?
?
What was Jones Day's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Jones Day's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Jones Day's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Jones Day's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Jones Day's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Jones Day's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Jones Day's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Jones Day's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Jones Day's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Jones Day's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Jones Day's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Jones Day's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Jones Day ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Jones Day's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?