Donald Trump’s one-time law firm allegedly suffers data breach
Hackers claim to have stolen 100GB of confidential files belonging to the Jones Day law firm


Hackers claim to have stolen confidential files belonging to the Jones Day law firm, which once represented former-president Donald Trump. The hackers allegedly posted sensitive files on the dark web, but the law firm denies the breach occurred.
DataBreaches.net initially reported the attack, which is thought to involve the Clop ransomware gang. The hackers claimed to have obtained 100GB of data from the law firm and published redacted files to prove their attack. The gang has demanded a $20 million ransom payment in return for a decryption key.
The law firm disputed the hackers' claims that they breached its network. However, it did say a file-transfer platform it used was recently compromised, affecting the firm’s data. The compromised platform belongs to California-based cloud computing company Accellion.
“Jones Day has been informed that Accellion’s FTA file transfer platform, which is a platform that Jones Day—like many law firms, companies, and organizations—used was recently compromised and information taken,” a spokesperson for the firm said in a statement to Bloomberg Law.
“Jones Day continues to investigate the breach and has been, and will continue to be, in discussion with affected clients and appropriate authorities.”
The Wall Street Journal said it’s not only seen some breached files, but it could also “see the existence of many more files — mammoth in size — also purported to belong to Jones Day.”
James McQuiggan, Security Awareness Advocate at KnowBe4, told IT Pro that like the SolarWinds supply-chain attack, the cyber criminals are focusing their attacks on those third parties and service providers that support many customers.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
“These organizations will want to review and elevate their security programs to ensure they do not suffer a breach, leading to a similar compromise. These attacks damage the organization’s customers and clients and damage the reputation and possible bottom line for that organization,” McQuiggan said.
“With an organization that provides large file transfers, one consideration for them to protect their data is to encrypt the data before transferring it and to protect it from the third-party provider. Upon delivery to the receiver, they would have the key to decrypt and view the data."
Martin Jartelius, CSO at Outpost24, told IT Pro what we’re seeing now are the effects of the Accellion intrusion from December.
“It’s an external file sharing solution that’s decades-old and has been used by several organizations. As we are seeing more and more data related to the breach hitting the news, other organizations that have used the services should review and prepare processes to inform any clients and any individuals for whom data has been processed on this platform,” Jartelius said.
“Noting that we are approaching a two-month mark from when the breach likely occurred, those who suspect they may be affected should consider informing any affected data subjects at the soonest in line with current privacy legislation and not wait and hope for the best.”
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.
-
The IT industry’s shift to circular, low-carbon solutions
Maximize your hardware investment and reach your sustainability goals with HP’s Renew Solutions
-
Lenovo ThinkPad X9 14 Aura Edition review
Reviews This thin and light ultraportable will draw you in with its vibrant screen – but it isn't as powerful as some of its competitors
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolen
Capita told the pension provider to “work on the assumption” that data had been stolen
-
Gumtree site code made personal data of users and sellers publicly accessible
News Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
-
Pizza chain exposed 100,000 employees' Social Security numbers
News Former and current staff at California Pizza Kitchen potentially burned by hackers
-
83% of critical infrastructure companies have experienced breaches in the last three years
News Survey finds security practices are weak if not non-existent in critical firms
-
Identity Automation launches credential breach monitoring service
News New monitoring solution adds to the firm’s flagship RapidIdentity platform
-
Neiman Marcus data breach hits 4.6 million customers
News The breach took place last year, but details have only now come to light
-
Indiana notifies 750,000 after COVID-19 tracing data accessed
News The state is following up to ensure no information was transferred to bad actors
-
Pearson fined $1 million for downplaying severity of 2018 breach
News The SEC found the London-based firm made “misleading statements and omissions” about the intrusion