In ongoing multidistrict litigation concerning Capital One’s 2019 data breach, Capital One succeeded in defeating a motion to compel disclosure of a privileged root cause analysis conducted by PwC. In contrast to an earlier ruling requiring Capital One to turn over a similar root cause analysis conducted by cybersecurity expert Mandiant, the court found that Capital One’s general counsel engaged PwC through a distinct and legally privileged representation to assist the company with its fiduciary and legal duties in anticipation of litigation. As these rulings show, privilege determinations vary widely, but adhering to best practices can maximize the chance of avoiding disclosure.
Top 10 Checklist for Cybersecurity Forensic Investigation Reports
© 2024 Akin Gump Strauss Hauer & Feld LLP. All rights reserved. Attorney advertising. This document is distributed for informational use only; it does not constitute legal advice and should not be used as such. Prior results do not guarantee a similar outcome. Akin is the practicing name of Akin Gump LLP, a New York limited liability partnership authorized and regulated by the Solicitors Regulation Authority under number 267321. A list of the partners is available for inspection at Eighth Floor, Ten Bishops Square, London E1 6EG. For more information about Akin Gump LLP, Akin Gump Strauss Hauer & Feld LLP and other associated entities under which the Akin Gump network operates worldwide, please see our Legal Notices page.