Cybersecurity, Data Breach, Discovery

Privilege Under Fire: Protecting Forensic Reports in the Wake of a Data Breach

Baker Donelson on 5/20/2025

In the chaos following a cyberattack, forensic reports are often pulled together under intense pressure and can assist companies in responding to and remediating the incident. However, if you're not careful, these reports...more

[Webinar] How Legal Must Mitigate Risk in Today's Dangerous and Changing Data Landscape - May 23rd, 1:00 pm - 2:00 pm ET

EDRM - Electronic Discovery Reference Model on 5/10/2024

One of the biggest challenges facing in-house legal teams is the ever-changing data landscape. The amount of structured and unstructured data has exploded over the last five years making legal and privacy activities more...more

Federal Court Grants the SEC Limited Access to the Identities of Law Firm Clients Impacted by a Cyberattack

Jones Day on 8/15/2023

In Short - The Situation: Following a cyberattack on a law firm's systems, the Securities and Exchange Commission ("SEC") subpoenaed the firm for information, including the identity of clients whose information may have...more

The best data retention policy template to get you started (Updated)

Reveal on 8/14/2023

Editor’s note: This post was originally published in October 2020 and has been updated for accuracy and comprehensiveness. They say more is better. And that’s true in many cases, but not when we’re talking about a stockpile...more

Cyber Incident Response and eDiscovery Are Not One in the Same: Understanding the Key Differences and Associated Risks

Association of Certified E-Discovery... on 4/5/2023

With the number of cyber incidents skyrocketing, dealing with a data breach has become an all-too-common experience. In 2022 alone, there were over 500 million cyber-attacks and of these entities over 60 percent were attacked...more

[Webinar] Proper Hygiene Matters: Three Cybersecurity, Privacy, and Data Protection Challenges and Solutions - March 15th, 12:00...

HaystackID on 3/7/2023

From nations and states to organizations and individuals, the focus on individuals’ fundamental rights and freedoms coupled with the common concerns for cybersecurity has driven the recognition and requirement for cyber and...more

Ransomware Reduces Costa Rica to Pen and Paper

EDRM - Electronic Discovery Reference Model on 7/15/2022

This story has been covered across cybersecurity media, but it’s so big I’m surprised it hasn’t been covered even more, by mainstream media. A ransomware attack by the Conti ransomware group has left the Costa Rican...more

Privilege Newsletter: Fitting Consultants Within the Attorney-Client Privilege and Work Product Protection – Cyber Breach...

Jenner & Block on 4/18/2022

Cyber attacks are increasingly frequent and virulent. An intruder may lurk in a company’s computer system for years, or an attack may be sudden and catastrophic. Millions of people’s personal information and companies’...more

[Webinar] Data Privacy for eDiscovery Pros: Strategy and Execution - March 17th, 1:00 pm - 2:00 pm EDT

Association of Certified E-Discovery... on 2/28/2022

This webinar is intended for eDiscovery professionals interested in the overlap between data privacy and eDiscovery capabilities, workflows and use cases. The tools to tackle the protection of personal data already exist...more

[Webcast Transcript] Understanding Information Governance, Data Privacy, and Data Breach Exposure

HaystackID on 12/10/2021

Editor’s Note: On December 1, 2021, HaystackID shared an educational webcast designed to present and describe a framework for deploying and enhancing organizational information governance programs....more

Wisdom From The Women Leading The Cybersecurity Industry, With Jenny Hamilton of HaystackID

HaystackID on 8/2/2021

Editor’s Note: As part of the interview series called Wisdom From The Women Leading The Cybersecurity Industry, author, interviewer, and CEO of Data443 Risk Mitigation, Inc., Jason Remillard, recently shared the following...more

[Virtual Event] The Intersection of Cybersecurity and eDiscovery - March 25th, 2:00 pm - 3:00 pm GMT

Association of Certified E-Discovery... on 3/11/2021

Cyber-attacks can happen to any organisation around the globe and when an incident or breach occurs, they must act quickly to determine the extent of the data exposure and notify all individuals impacted by the breach....more

Update: Protecting Privilege: Top 10 Checklist for Cybersecurity Forensic Investigation Reports

Akin Gump Strauss Hauer & Feld LLP on 3/1/2021

In ongoing multidistrict litigation concerning Capital One’s 2019 data breach, Capital One succeeded in defeating a motion to compel disclosure of a privileged root cause analysis conducted by PwC. In contrast to an earlier...more

Lessons from Wengui v. Clark Hill: Structuring a Two Track Cyber Investigation

Proskauer - Minding Your Business on 2/8/2021

As the D.C. District Court in Wengui v. Clark Hill recently commented, “[m]alicious cyberattacks have unfortunately become a routine part of our modern digital world. So have the lawsuits that follow them….” The court’s...more

Capital One Loses Bid to Shield Post-Breach Report from Consumer Plaintiffs

Hinshaw & Culbertson - Insights for Insurers on 6/29/2020

On June 25, a Federal District Court in Virginia (Anthony J. Trenga, U.S.D.J.) affirmed a Magistrate Judge's Order requiring Capital One to produce a vendor's post-breach forensic report to plaintiffs in a consumer class...more

No Protection for Vendor's Forensic Report in Post-Breach Litigation? - Preserving Privilege and Work Product Protection in Light...

Hinshaw & Culbertson - Insights for Insurers on 6/17/2020

A May 26, 2020 order by U.S. Magistrate Judge John F. Anderson (E.D. Va.) that attorney work product protection did not preclude production of a forensic vendor's data breach investigation report to plaintiffs in the Capital...more

Federal Court Finds Cybersecurity Forensic Report Not Privileged Under Attorney Work Product Doctrine

Womble Bond Dickinson on 6/15/2020

The United States District Court for the Eastern District of Virginia (Court) has held that a cyber-forensic investigation report was not protected by the attorney work product doctrine and ordered Capital One to produce it...more

Maintaining Privilege and Work Product Protections in Dual Purpose (Legal and Business) Investigations

Proskauer - Minding Your Business on 6/1/2020

Requires More than Merely Adding Counsel’s Name to a Forensic Report. Technical investigations conducted following cyber-incidents often have both legal and ordinary-course business purposes. In certain jurisdictions,...more

Weekly Trends Report – 1/29/2020 Insights

Association of Certified E-Discovery... on 1/30/2020

Insight into where e-discovery, information governance cybersecurity, and digital transformation are heading – who is doing what now or in the future, what works and what doesn’t, and what people wish they could do but can’t...more

Influential Sedona Conference Releases Key Guidance for Attorney-Client Privilege and Work-Product Protection in Cybersecurity...

Orrick, Herrington & Sutcliffe LLP on 12/6/2019

With significant input from Orrick’s Cybersecurity, Privacy and Data Innovation team, the influential Sedona Conference and its Working Group 11 last week published important guidance on the application of the attorney-client...more

Cybersecurity › Data Breach › Discovery