• Home
  • cyber
  • Jones Day: Beyond Breaches: The Rise of Non-Breach Privacy Claims in Cyber Insurance
cyber Cyber Attack

Jones Day: Beyond Breaches: The Rise of Non-Breach Privacy Claims in Cyber Insurance

Jan 1, 2025 2 min read
Jones Day: Beyond Breaches: The Rise of Non-Breach Privacy Claims in Cyber Insurance

Cyber Insurance Shifts Focus to Non-Breach Privacy Risks as AI and Litigation Surge

The cyber insurance industry is undergoing a fundamental shift, moving beyond traditional breach-related threats to prioritize privacy risks particularly those emerging outside conventional cyber incidents. A recent cyberattack on a law firm, attributed to a hacker group targeting legal practices, exposed sensitive data belonging to 10 of its clients, underscoring the persistent threat to high-value sectors.

A new report by Baker & Hostetler highlights a sharp rise in data breach class actions and settlements involving web tracking and pixel-related cases in 2025. The legal landscape is evolving, with litigation increasingly centered on statutory privacy violations rather than just breach damages. Key trends include a surge in lawsuits against data brokers over unauthorized cell phone listings in commercial directories and disputes involving AI-powered product recommendation tools in the beauty industry.

AI adoption introduces additional risk vectors, particularly around "hallucinations" inaccurate or misleading outputs that can lead to legal exposure if not properly governed. While the technology itself doesn’t create new legal obligations, failures in oversight, verification, and accountability are becoming focal points for litigation.

The attack on Jones Day further illustrates the ongoing vulnerability of law firms to phishing and other targeted threats. As organizations integrate AI into core operations, the intersection of privacy, cybersecurity, and regulatory compliance is reshaping risk assessments and the insurance policies designed to mitigate them.

Source: https://www.law.com/2026/04/14/beyond-breaches-the-rise-of-non-breach-privacy-claims-in-cyber-insurance/

Bennett Jones cybersecurity rating report: https://www.rankiteo.com/company/bennett-jones

"id": "BEN1776206341",
"linkid": "bennett-jones",
"type": "Cyber Attack",
"date": "1/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '10 clients',
                        'industry': 'Legal',
                        'name': 'Jones Day',
                        'type': 'Law Firm'}],
 'attack_vector': 'Phishing',
 'data_breach': {'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Sensitive client data'},
 'description': 'A cyberattack on a law firm, attributed to a hacker group '
                'targeting legal practices, exposed sensitive data belonging '
                'to 10 of its clients. The incident highlights the persistent '
                'threat to high-value sectors and the evolving landscape of '
                'privacy risks.',
 'impact': {'data_compromised': 'Sensitive client data'},
 'references': [{'source': 'Baker & Hostetler Report'}],
 'regulatory_compliance': {'legal_actions': 'Data breach class actions and '
                                            'settlements'},
 'threat_actor': 'Hacker group targeting legal practices',
 'title': 'Cyberattack on Law Firm Exposing Sensitive Client Data',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.