Law Firm Must Turn Over Some Client Names to SEC That Were Compromised in Cyber Incident
Zero day used to breach Norwegian agencies, Dutch cops bust Genesis Market suspect, Lazarus is breaching Windows IIS to deliver malware, Spyhide secretly collects data on tens of thousands, much more
US District Court Judge Amit Mehta in Washington ruled that law firm Covington & Burling must turn over the names of seven clients whose data was compromised in a cyberattack to the US Securities and Exchange Commission, despite objections by the firm and others that to do so would weaken attorney-client privilege.
The SEC had asked in March for the names of almost 300 public company clients of the law firm, saying it needed them to determine if the hackers had used the information they stole to engage in illicit trading.
However, Mehta ruled that the SEC’s request was “too broad,” and he ordered the law firm to reveal the names only of clients whose material hackers may have accessed nonpublic information during the 2020 breach of the law firm’s computer files.
Covington argued that confidentiality rules should shield it from having to provide …
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.