Matters

  • Served as breach counsel for academic health system in connection with an incident arising out of a threat actor’s deletion and attempted extortion for the return of the ePHI of approximately 80,000 patients residing across the U.S. and multiple foreign jurisdictions
  • Served as breach counsel for financial institution that was the target of ransomware and extortion attack involving the acquisition and posting on various social media sites the sensitive member information and personal information of more than 46,000 of the institution’s members and other affected individuals
  • Served as breach response counsel for international financial institution whose Office 365 e-mail accounts of users in the United States and the United Kingdom were compromise potentially triggering notification under the New York Department of Financial Services Cybersecurity Requirements for Financial Services Companies and United Kingdom’s Data Protection Act of 2018
  • Served as breach response counsel for more than one hundred incidents of credit unions across the United States, including ransomware, extortion, fraudulent wire transfers, Office 365 e-mail account compromises, network intrusions and employee misconduct
  • Served as counsel for manufacturer whose production line system was compromised resulting in intentional alteration of specialty product’s alteration and demand by threat actor for payment to cease further product alterations and information on past product alterations
  • Served as breach response counsel for health care system that experienced a malware attack potentially impacting approximately four million customers and 40,000 employees
  • Served as breach counsel to university following brute-force password attack resulting in the compromise of personally identifiable information (PII) of over 60,000 students, alumni and employees residing in more than 40 states and several foreign countries
  • Served as breach response counsel for website/e-commerce hosting services provider that sustained a malware attack impacting hundreds of third-party companies that used clients hosting services as well as thousands of those companies' customers
  • Served as breach response counsel for health care system in connection with potential exposure of radiological records of approximately 400,000 patients
  • Served as breach response counsel for community bank that sustained malware attack on online banking portal impacting customers across numerous states
  • Served as breach response counsel for law firm following theft of the firm's servers containing Pll and protected health information (PHI) of approximately 20,000 clients, adversaries and witnesses located in multiple states
  • Assisting major financial institutions to update and improve information security and data privacy practices, including data breach response procedures, and conducting data privacy audits to identify potential privacy and data security issues
  • Conducting review of multinational food and beverage company information policies to ensure compliance with data privacy and security best practices
  • Conducting privacy and risk management audits for numerous multistate retailers and life science companies
  • Developing employee training programs on information security and data privacy compliance for several investment advisers, broker-dealers and other financials service institutions