Stephanie A. Diehl of Proskauer writes:
As the D.C. District Court in Wengui v. Clark Hill recently commented, “[m]alicious cyberattacks have unfortunately become a routine part of our modern digital world. So have the lawsuits that follow them….” The court’s decision in that case has added another data point to developing jurisprudence of the cyberattack landscape, specifically concerning the discoverability of post-breach forensics reports.
A former client of the Clark Hill law firm sued the firm for failing to protect his confidential information after a hacker stole the client’s data from the firm’s systems. The former client moved to compel the firm to produce all reports relating to Clark Hill’s investigation into the cyberattack. Clark Hill argued that certain materials were protected from discovery because it had initiated a “two track” investigation into the breach, an approach sometimes used by companies following security incidents.
Read more on Minding Your Business.