Jones Day Hacked Again While FBI Director Kash Patel Plays Hockey

Jones Day, one of the country's largest law firms, confirmed that hackers accessed client files belonging to at least 10 clients in a breach attributed to the Silent Ransom Group. The firm declined to identify which clients were affected or what specific files were stolen, maintaining the kind of secrecy that probably should have been applied to their cybersecurity in the first place.

This is not Jones Day's first rodeo. The firm was also caught up in a 2021 breach of Accellion file transfer software that resulted in client data — including prescription drug records — being dumped online. Two major breaches in five years is not exactly a track record that inspires confidence.

The FBI Used to Care About This

According to an FBI alert from May 2024, the Silent Ransom Group has been specifically targeting law firms since 2023. The group uses social engineering — phishing emails and phone calls impersonating IT staff — rather than sophisticated malware. They just convince someone to hand over remote access credentials and then walk out with the data using standard file transfer tools.

But that alert came before FBI Director Kash Patel embarked on a loyalty purge that gutted the agency's cybercrime capabilities. Today, the FBI is too busy rounding up roofers and threatening people for making fun of Trump on Instagram to actually protect American businesses from foreign hackers. As a bulwark against cybercrime, the FBI under Patel is essentially an offensive lineman who immediately turns around and yells "incoming!" at the quarterback.

$13 Million Ransom Demand

The hackers published a file directory and screenshots of what appear to be negotiation chats between the group and Jones Day representatives. According to those screenshots, the group demanded $13 million to keep quiet about the breach. When Jones Day refused to pay immediately, negotiations broke down.

The group's final message — from a negotiator identifying themselves as "Ammiel Olsen" — warned that they would publish all the stolen data, contact every employee and client, and resume attacks on the firm. The message also threw in a jab about Jones Day being "exposed in the Epstein files about your ties with child predators."

That last part is darkly funny in a way the hackers probably didn't intend. When you've already been exposed in the Epstein files, what exactly is a ransomware gang going to do to your reputation?

Law Firms Are Soft Targets

The FBI's 2024 warning about Silent Ransom Group noted that the attackers target law firms "likely due to the highly sensitive nature of legal industry data." Translation: law firms are soft targets sitting on treasure troves of confidential information.

While the legal industry has spent the last two years hyping up AI well beyond its actual capabilities, basic cybersecurity remains an afterthought. And when the federal agency responsible for tracking these threats is run by a Trump loyalist more interested in political vendettas than protecting American institutions, firms are on their own.

It's unclear whether Silent Ransom Group followed through on its threat to renew attacks on Jones Day. What is clear is that under Kash Patel's leadership, the FBI has abandoned its responsibility to protect American businesses from cybercrime. The agency that once tracked sophisticated hacking groups now exists mostly as a luxury travel agent for Patel to slam beers with hockey players while law firms get ransacked by hackers using techniques that could be defeated by basic employee training.

This is what happens when you put loyalty over competence. The FBI gets weaponized against political opponents while actual criminals walk away with millions in stolen data. And firms like Jones Day — which should know better after getting hit in 2021 — keep making the same mistakes because there's no federal backstop anymore.