Gabe Friedman reports:
The privacy focused class-action law firm Edelson P.C. announced it has filed a federal class-action under seal that targets a Chicago-based regional law firm for data security holes.
On Thursday morning, name partner Jay Edelson tweeted that he had filed a motion to unseal the complaint against the unnamed firm.
[…]
In an interview with Big Law Business in March, Edelson explained that his firm had conducted a year-long investigation and identified 15 major law firms with inadequate cybersecurity. He said his firm planned to file a series of lawsuits that target data security vulnerabilities at law firms on behalf of firm clients who have concerns about how their data is being protected.
Read more on Bloomberg BNA.
I’m hard-pressed to see how any such civil suit could prevail if there’s been no actual hack or data compromise of the defendants’ systems, but the FTC could sure as hell investigate or take action if infosecurity is that bad.
Either way, this will be one to watch. If nothing else, if the lawsuit is unsealed, this could become a name and shame situation to get law firms off the dime to bring their A game on security.