Cyber Incident Victim: Fox Rothschild LLP
Date:
May 2026
Location:
United States of America
Summary
Fox Rothschild LLP was sued after a cyberattack attributed to the SilentRansomGroup, in which a plaintiff alleges the firm failed to adequately protect her data, potentially exposing her Social Security number. The incident follows a similar attack on Jones Day by the same threat actors. The lawsuit was filed in the US District Court for the Eastern District of Pennsylvania and references a public report by HookPhish.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On May 21, 2026, Fox Rothschild LLP reported that it had experienced a cyberattack attributed to the threat group SilentRansomGroup. The firm disclosed the date of the incident in a statement following the breach. According to the firm's disclosure, the attack involved unauthorized access to its systems. The specific data that may have been compromised was not detailed in the firm's statement.
On June 9, 2026, a plaintiff filed a lawsuit against Fox Rothschild LLP in the United States District Court for the Eastern District of Pennsylvania. The complaint alleges that the firm failed to sufficiently protect her personal data, including her Social Security number, from the cybercriminals responsible for the breach. The plaintiff contends that the alleged inadequacy of the firm's security measures allowed the attackers to obtain her sensitive information.
The lawsuit references a public report by HookPhish that details the SilentRansomGroup activity. The article notes that the Fox Rothschild incident follows a similar attack against Jones Day that was also attributed to SilentRansomGroup. It observes that law firms often handle financial statements, medical data, and criminal records, making them attractive targets for cyber threat actors.