Andrew Goudsward reports:
The U.S. Securities and Exchange Commission has sued law firm Covington & Burling for details about nearly 300 of the firm’s clientsd whose information was accessed or stolen by hackers in a previously undisclosed cyberattack, court documents show.
Hackers associated with the Hafnium cyber-espionage group, which has alleged ties to the Chinese government, gained access to Covington’s computer networks around November 2020, accessing private information about the firm’s clients, including 298 publicly traded companies, according to a lawsuit filed Tuesday by the SEC.
Read more at Reuters.
For its part, Covington says it was a state-sponsored attack that affected a limited number of clients and that the firm had notified those clients and worked with the FBI.
But does attorney-client privilege trump the SEC’s authority to investigate? This is an interesting one to watch.