In light of the almost daily news stories about cybersecurity breaches, cybersecurity is a concern for businesses of all sizes and in every industry. When a data security breach provides subrogation opportunities, our subrogation lawyers work closely with the Cyber Law and Data Protection Group to investigate the cause of the loss and identify potential targets. Depending on the cause of the loss, potential targets include network security companies, vendors providing technology services and businesses or parents who fail to take reasonable measures to guard against viruses that can infect an insured’s computer.
Although the investigation of cyber-related loss claims can be a daunting task, utilizing standard subrogation investigation techniques designed to ensure early intervention by cyber-security experts, the preservation of evidence, the development of legal theories and the identification of potential targets helps our clients maximize their recoveries. Working with forensic experts, we oversee the examination of affected computers to identify the virus that attacked the system and its source to discover how the virus got into the insured’s computer. Once potential targets are identified, our subrogation lawyers aggressively pursue the targets and work to overcome defenses such as those based on contractual waiver, damages limitation and indemnification clauses. When pre-suit settlement negotiations fail, our experienced, multi-disciplinary team of litigators pursue potential targets through litigation.
In addition to the forensic, cyber subrogation services offered by the subrogation department, lawyers in White and Williams LLP’s Cyber Law and Data Protection Group work with victims and their insurers to identify whether, following a breach, there was a proper response. These activities include compliance with the myriad of notification statutes that exist in 47 different states, preservation of evidence, public-relations efforts, information sharing and overall preparation for the potential onset of litigation.
Handled an email spoofing claim that resulted in fraudulent wire transfers
Worked with an insurer interested in subrogating a hacking incident involving an educational institution who was transitioning its student information to a cloud-based server using a mongo database
- Investigated the subrogation potential of a claim involving a ransomware attack that resulted, upon recovering the insured’s systems, in a programming error and damage to the insured’s manufacturing equipment
- Partnered with insurer-clients on claims involving various forms cyberattacks, including ransomware, “man in the middle” attacks, exposure of protected customer information, and impersonation/social engineering