Privilege: The Before and After of a Cyber Breach


Let’s start with a trivia question. Q: What do the companies Target, Genesco, and Experian all have in common? Is it (A) they all experienced data breaches which exposed sensitive consumer information; (B) they all found themselves the subject of lawsuit(s) over the loss of this information; (C) they all invoked the doctrine of privilege — specifically under attorney-client and work product– to protect a retained forensic firm’s investigative findings; or (D) all the above. If you chose D, then you, dear reader, can go on your merry way reading. Cyber attacks and the loss of sensitive information are at the forefront of nearly every corporate executive’s mind. According to a recent study by the Business Continuity Institute, cyber attacks represent the number one concern among business professionals. A proliferation of high-profile breaches over the past twelve months (e.g., HBO, Yahoo, Democratic National Committee, etc.) have left owners of businesses […]

Continue Reading

Equifax Cybersecurity Breach — What You Need To Know


By Thomas Ritter of Thompson Burton, PLLC The news that credit reporting agency Equifax suffered a data breach of sizable proportions (a projected 143 million people affected) set the information security community abuzz. The irony was not lost on anyone: One of the three main credit reporting agencies largely in charge of identity theft notification and prevention, Equifax’s loss of sensitive information now acts as a gateway into the future proliferation of widespread identity fraud. Although details continue to slowly emerge, here’s what we currently know, what’s important for you to know, and my suggestions on preventative measures and next steps. WHAT HAPPENED? Criminals gained access into Equifax’s internal system through a vulnerability in the company’s website software beginning in mid-May, and remained inside the system until late July. The perpetrators gained access to a variety of sensitive personally identifiable information, which includes (but may not be the entire scope […]

Continue Reading