Over the past ten years, our attorneys have handled thousands of data privacy related matters of various sizes and types such as:
- The investigation into the unauthorized flow of data – for almost a decade – relating to over 2 million customers between a worldwide financial institution and a former third-party vendor.
- The investigation and disclosure of the theft of an unencrypted laptop containing the names, Social Security numbers, and account information for almost the entire customer population of a large regional financial institution.
- The investigation and disclosure of a malicious hacking event resulting in the unauthorized disclosure of health information relating to approximately 6 million individuals and the defense of the entity against over 20 class action lawsuits and other actions initiated by individuals, regulators, and other third-parties.
- The loss, by a third-party business associate, of data relating to almost 1 million patients and direction of the investigation and disclosure of this event by the third-party business associate.
- The defense of a worldwide tax preparation franchisor in an FTC investigation arising out of the theft of taxpayer data.
- Representation of a national restaurant chain in the appeal of financial assessments issued by credit card brands and assistance with PCI compliance following the compromise of systems used to process patron credit card data.
- Representation of a nationwide chain restaurant in the investigation and disclosure of a credit card information compromise impacting 90% of its locations.
- The investigation of an event involving the compromise of customer payment card information at certain locations of a multinational restaurant chain and negotiations with the restaurants regarding disclosure and liability regarding the event.
- Representation of large university with worldwide student and alumni population that inadvertently published alumni information, including names and Social Security numbers, on the internet for 10+ years before discovery in investigation and disclosure of event, and defense against multiple regulator inquiries.
- Investigation of a privacy event impacting the security of health and personal information relating to current and former government staff and family/kin of staff following the malicious exfiltration of the data from the client’s third-party vendor.
- Investigation and disclosure of an event involving the inadvertent publication by a county government of all marriage license applications received since the 1950s to the internet.
- Representation of an international law firm targeted by a foreign nation that infiltrated the firm’s network and remained inside the systems undetected for years.
- Representation of an accounting firm after an employee’s unencrypted laptop containing information relating to hundreds of clients and thousands of clients’ current and former employees was stolen in disclosure to clients, clients’ employees, and other third-parties.
- Representation of nationwide residential management company in the investigation and disclosure of compromise in the security of 54+ boxes of paper records collected over thirty years relating to current and former tenants and applicants, and current and former employees.
- Representation of a worldwide background screening company in the investigation and disclosure of the theft of a laptop containing over one hundred thousand records and other sensitive data.
- Review and continued preparation of incident response plan and execution of tabletop exercise for nationwide insurance company.
- Representation of professional sports team organization in the investigation and disclosure of event impacting the security of tax information for current and former players, coaches, and other staff.