Jones Day A.I CyberSecurity Scoring
Jones Day
Company Information
Website:http://www.jonesday.com
Employees number:6,333
Number of followers:127,186
NAICS:54111
Industry Type:Law Practice
Homepage:jonesday.com
Jones Day Risk Score (AI oriented)
Between 0 and 549
Jones DayLaw Practice
Updated:
09/06/2026
09/06/2026
472/1000
Critical
C
Jones Day Global Score (TPRM)
xxxx
Jones DayLaw Practice
Score locked

Jones DayCritical
Current Score
472C (CRITICAL)
01000
6 incidents
-99 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
479
JUNE 2026
472
MAY 2026
523
Breach
01 May 2026 • Jones Day
Bryan Cave Leighton Paisner, Jones Day and Fox Rothschild: Law firm Fox Rothschild hit with class action over data breach
Fox Rothschild Data Breach and Class Action Lawsuit
463
CRITICAL-60
JONBRYFOX1781043906
U.S. Law Firm Fox Rothschild Hit with Class Action Lawsuit Over Data Breach
A proposed class action lawsuit was filed against U.S. law firm Fox Rothschild on June 9, alleging the firm failed to protect sensitive personal data, including names and Social Security numbers, in a May breach. The attack was attributed to the Silent Ransom Group, a cybercriminal collective that has targeted law firms since 2023, according to the FBI.
The lawsuit was initiated by Jasmine Trotter, a Georgia resident whose data was held by Fox Rothschild in connection with an unspecified legal matter. Trotter claims the firm did not notify affected individuals and neglected to implement adequate security measures. She estimates thousands of potential class members may have been impacted.
Fox Rothschild’s chief AI and information security officer, Mark McCreary, stated that the breach stemmed from a "sophisticated social engineering event" targeting a single attorney, compromising only one device. He asserted that the firm’s security protocols contained the incident’s scope and that notifications would be issued as required by law.
The Silent Ransom Group has previously claimed responsibility for breaches at other major law firms, including Jones Day, which represented former President Donald Trump in election-related cases. Law firms have increasingly faced litigation over cybersecurity failures, with some such as Gunster Yoakley & Stewart, Orrick Herrington & Sutcliffe, and Bryan Cave Leighton Paisner settling similar cases in recent years.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
APRIL 2026
695
Ransomware
07 Apr 2026 • Jones Day
Jones Day: Data breach exposes Jones Day client files after ransomware threat
Jones Day Hit by Ransomware Attack, Exposing Client Files
518
CRITICAL-177
JON1775558587
Jones Day Hit by Ransomware Attack, Exposing Client Files
Global law firm Jones Day has suffered a data breach following a ransomware attack, resulting in the exposure of sensitive client files. The incident underscores the growing cybersecurity risks facing legal organizations, which handle highly confidential information.
While details remain limited, the breach highlights the persistent threat of ransomware targeting high-profile firms. Legal industry analysts note that such attacks can lead to severe reputational damage, regulatory scrutiny, and potential legal liabilities for affected organizations.
The timing and full scope of the breach have not been disclosed, but the incident serves as a reminder of the critical need for robust cybersecurity measures in the legal sector. Further developments are expected as the investigation progresses.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Vulnerability
07 Apr 2026 • Jones Day
Accellion and Jones Day: Jones Day Faces Cybersecurity Scrutiny After Client Data Breach
Jones Day Breach Exposes Client Data via Third-Party File Transfer Platform
518
CRITICAL-177
JONAMA1775623588
Jones Day Breach Exposes Client Data via Third-Party File Transfer Platform
Global law firm Jones Day is under regulatory scrutiny after hackers accessed gigabytes of sensitive client data and internal communications through a breach of the Accellion file transfer platform a third-party service the firm used for secure file sharing. The incident did not compromise Jones Day’s primary internal network but instead exploited vulnerabilities in the external vendor’s system.
The U.S. Securities and Exchange Commission (SEC) is now investigating, requesting client names to assess whether material nonpublic information was exposed. A prior court ruling in a similar case affirmed the SEC’s authority to demand client identities in cyber investigations, though it limited disclosure to a subset of affected parties. Jones Day is actively investigating the breach and notifying impacted clients.
The firm’s client roster includes major corporations, raising concerns about the potential exposure of confidential legal and business data. The breach underscores the risks of third-party vendor dependencies, as even organizations with secure internal systems can face regulatory, legal, and reputational fallout from a compromised external platform. The incident highlights the need for robust vendor risk management, particularly for services handling sensitive data.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
APRIL 2026
705
Breach
01 Apr 2026 • Jones Day
Goldman Sachs, McDonald’s, Jones Day and General Motors: Jones Day shares client data breach affecting 10 firms
Jones Day Hit by Phishing Attack, Client Data Accessed in Breach Claimed by Cybercriminal Group
645
CRITICAL-60
JONGENMCDGOL1775507547
Jones Day Hit by Phishing Attack, Client Data Accessed in Breach Claimed by Cybercriminal Group
Global law firm Jones Day confirmed a phishing attack in which hackers accessed files belonging to 10 clients, a breach later claimed by the cybercriminal group Silent. The incident, disclosed on Monday, involved unauthorized access to a limited set of dated client documents, according to a statement from spokesperson Dave Petrou. All affected clients have since been notified, though their identities remain undisclosed.
Silent, a known extortion-focused threat group, listed Jones Day as a victim on its dark web leak site, taking credit for the attack. The firm, which has previously faced cybersecurity incidents including a 2021 breach with undisclosed details represents high-profile clients such as Goldman Sachs, McDonald’s, and General Motors.
No further information on the scope of the compromised data or the timeline of the attack has been released. The incident underscores the persistent targeting of legal firms by cybercriminals seeking sensitive corporate information.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
MARCH 2026
705
FEBRUARY 2026
704
JANUARY 2026
702
DECEMBER 2025
753
NOVEMBER 2025
699
OCTOBER 2025
698
SEPTEMBER 2025
697
AUGUST 2025
695
JANUARY 2023
734
Ransomware
01 Jan 2023 • Jones Day
Jones Day and Allen & Overy: Jones Day hit by cyber attack linked to group targeting law firms
Jones Day Hit by Cyberattack Linked to Silent Ransom Group
629
CRITICAL-105
JONALL1775551567
Jones Day Hit by Cyberattack Linked to Silent Ransom Group
Jones Day, a prominent U.S. law firm, recently disclosed a cyberattack in which an unauthorized third party accessed dated files related to 10 client matters. All affected clients have been notified. The incident is believed to be tied to the Silent Ransom Group, a cybercrime collective known for targeting law firms since at least 2023.
The group employs social engineering tactics, including impersonating IT staff and, in some cases, gaining physical access to offices to deploy malware. Reports indicate the hackers claimed responsibility for the attack, publishing a file directory and screenshots of alleged negotiations with Jones Day representatives. The breach reportedly focused on Greg Castanias, a senior Washington-based partner leading the firm’s Federal Circuit practice.
This attack follows a pattern of escalating threats against law firms, which are frequent targets due to the sensitive client data they handle. Jones Day has previously faced cyber incidents, including a 2021 breach linked to a file transfer software hack. Additionally, Allen & Overy, now merged, was compromised in a 2023 LockBit ransomware attack, though the firm was later removed from the group’s leak site without public explanation.
The latest breach underscores the persistent risks law firms face from sophisticated cybercriminal operations.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
FEBRUARY 2021
769
Breach
01 Feb 2021 • Jones Day
Jones Day
Data Breach at Jones Day via Accellion Vendor
713
CRITICAL-56
JON2493622
The client data of Jones Day was obtained by the hacking group Clop after a third-party vendor Accellion suffered a cyber attack.
The hackers also uploaded gigabytes of the stolen highly sensitive data on the dark web in an attempt to export the payment.
The firm along with the Accellion investigated the data security incident.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for Jones Day ??
What was Jones Day's A.I Rankiteo Cyber Score in June 2026 ??
What was Jones Day's A.I Rankiteo Cyber Score in May 2026 ??
What was Jones Day's A.I Rankiteo Cyber Score in April 2026 ??
What was Jones Day's A.I Rankiteo Cyber Score in March 2026 ??
What was Jones Day's A.I Rankiteo Cyber Score in February 2026 ??
What was Jones Day's A.I Rankiteo Cyber Score in January 2026 ??
What was Jones Day's A.I Rankiteo Cyber Score in December 2025 ??
What was Jones Day's A.I Rankiteo Cyber Score in November 2025 ??
What was Jones Day's A.I Rankiteo Cyber Score in October 2025 ??
What was Jones Day's A.I Rankiteo Cyber Score in September 2025 ??
What was Jones Day's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on Jones Day's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with Jones Day ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view Jones Day's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?