Jones Day Hit by Phishing Attack, Client Data Accessed in Breach Claimed by Cybercriminal Group Global law firm Jones Day confirmed a phishing attack in which hackers accessed files belonging to 10 clients, a breach later claimed by the cybercriminal group Silent. The incident, disclosed on Monday, involved unauthorized access to a limited set of dated client documents, according to a statement from spokesperson Dave Petrou. All affected clients have since been notified, though their identities remain undisclosed. Silent, a known extortion-focused threat group, listed Jones Day as a victim on its dark web leak site, taking credit for the attack. The firm, which has previously faced cybersecurity incidents including a 2021 breach with undisclosed details represents high-profile clients such as Goldman Sachs, McDonald’s, and General Motors. No further information on the scope of the compromised data or the timeline of the attack has been released. The incident underscores the persistent targeting of legal firms by cybercriminals seeking sensitive corporate information.

An ex-Washington Post employee reportedly is suing the news organization in the wake of a data breach the exposed the personal data of almost 10,000 current and former workers, saying the company failed to put adequate protections in place. According to Politico, Jun Hee Kim, who worked at the Post in 2018 and 2019, filed a class action lawsuit that includes the 9.720 people potentially victimized by the hack, which includes not only employees but also independent contractors and contributors, who reportedly included former National Security Adviser John Bolton. Kim reportedly in the lawsuit claims the data breach at the storied news outlet was the result of the Post failing to “implement adequate and reasonable cybersecurity procedures and protocols.” He also says he and other victims have suffered financially due to their data being stolen and that they want the Post to compensate them for identity theft and monitoring services. He also is demanding that the news organization hardened its data security. Growing List of Victims The Post, which has more than 3,000 employees and about 2.5 million digital subscribers – is among a growing number of victims – with some estimates closing in on 100 companies – stemming from a threat group’s exploitations of a zero-day critical vulnerability (tracked as CVE-2025-61882) and other security flaws in Oracle’s E-Business Suite (EBS), a collection of enterprise software used to manage business functions like financials, human resourc

The NHS is investigating a cyberattack claimed by the extortion group Clop, which listed the NHS.uk domain on its leak site on November 11 without publishing any stolen data. The attack reportedly exploits a vulnerability in Oracle E-Business Suite (EBS), a system widely used across the NHS for managing sensitive patient data. While Clop did not specify which NHS branch was compromised, the potential exposure of patient records—given the NHS’s role as Europe’s largest employer and a critical healthcare provider—poses severe risks. The NHS, which refuses to pay ransoms, is collaborating with the National Cyber Security Centre (NCSC) to assess the breach. Historical attacks on the NHS have disrupted life-saving services, and this incident could similarly threaten patient safety if systems are compromised. The UK’s proposed ban on ransom payments for public sector organizations further complicates recovery efforts, leaving the NHS vulnerable to prolonged operational and reputational damage.

The personal information of almost 10,000 current and former employees of the Post may have been compromised. The data breach occurred between July and August, and The Washington Post notified those impacted last month. | Andrew Harnik/Getty Images By Maggie Miller 12/05/2025 03:56 PM EST A former employee of The Washington Post filed a class action lawsuit against the outlet on Friday over a recent breach that compromised the personal data of thousands of current and former employees. Jun Hee Kim, who according to the filing worked at the Post from 2018 to 2019, filed the suit on behalf of the almost 10,000 current and former employees, and says the Post did not adequately secure their personal data. The Post disclosed the breach earlier this year. It noted that around 9,700 individuals were impacted by the hack, and their personal data, including names, Social Security numbers and banking information, may have been compromised. The breach occurred between July and August, and the news organization notified those impacted last month.

The Washington Post, a prominent American news organization, suffered a data breach caused by an exploited vulnerability in Oracle’s E-Business Suite software. The ransomware group CL0P gained unauthorized access between July 10, 2025, and August 22, 2025, compromising sensitive personal and financial data of 9,720 current and former employees and contractors. Exposed information included names, Social Security numbers, tax ID numbers, bank account numbers, and routing numbers.The breach was discovered on September 29, 2025, after a threat actor contacted the company. Forensic investigations confirmed the exploit, revealing the vulnerability was widespread among Oracle clients. The Washington Post applied patches, notified affected individuals via mail starting November 12, 2025, and disclosed the incident to the Maine, Massachusetts, and Vermont Attorney Generals' offices. As a remedial measure, the company offered 24 months of free IDX identity protection services to impacted individuals.

The Washington Post, a major U.S. daily newspaper with ~2.5M digital subscribers, suffered a data breach via a zero-day vulnerability (CVE-2025-61884) in Oracle E-Business Suite between July 10–August 22, 2025. Threat actors (linked to the Clop ransomware group) exploited the flaw to access the Post’s internal ERP system, stealing sensitive employee and contractor data—including full names, bank account/routing numbers, Social Security numbers (SSNs), and tax/ID numbers—affecting 9,720 individuals. The attackers later attempted extortion in late September. While the breach was contained to internal HR/finance systems, the exposed data poses severe risks of identity theft, financial fraud, and reputational harm. Victims were offered 12 months of free identity protection (IDX) and advised to freeze credit files. The incident follows a separate June 2025 attack on journalists’ emails by state actors, though no direct link was confirmed.

The Washington Post confirmed it was a victim of a data breach orchestrated by the Clop ransomware gang, exploiting vulnerabilities in Oracle’s E-Business Suite—a widely used enterprise software. The attack was part of a large-scale supply-chain campaign targeting hundreds of organizations globally, leveraging zero-day flaws in Oracle’s platform. While specifics of the compromised data remain undisclosed, the breach likely exposed internal financial or operational records, given the suite’s role in business-critical processes. The incident aligns with Clop’s history of high-profile ransomware attacks, including the 2023 MOVEit breach, and follows a March 2025 Oracle Cloud hack where 6 million records were exfiltrated. The Washington Post acknowledged the intrusion in a public statement, linking it to the broader Oracle exploitation wave. Industry experts warn of ongoing risks due to unpatched vulnerabilities in enterprise software, with Clop’s tactics combining data exfiltration, ransom demands, and dark-web data sales. The breach underscores systemic weaknesses in third-party supply-chain security, prompting calls for stricter vendor oversight and proactive patch management.