Return

Data Breach Response & Recovery

Our team of data breach lawyers are here to react to threats against your company, swiftly, and sensitively in response to any data breach you may face

Developing a strong presence on the internet is critical to the growth of any online business. Breaches in online security can happen and in our experience it is the way that it is handled rather than the breach itself that affects customer confidence.

From the initial attack through to ongoing communications with stakeholders, our team work closely with firms to evaluate and understand the specific issues. We advise on the immediate response to data breaches and cyber threats including the notification of customers, restoration of data and quantification of loss.

We are here to provide support to enable you to understand, successfully tackle and put in place the measures to safeguard your data in future.  With experience of handling over 1000 data breach and privacy incidents, our team is equipped to handle your claim.  With an established global network of IT professionals, we can provide you with assistance you require, wherever you are in the world.

Our Data Breach Response & Recovery Work

  • All
  • Asia Pacific
  • Middle East
  • North America
  • UK & Europe
  • Internal data sharing security and management policies

    Advising international reinsurance company on internal data sharing security and management policies

    Australia

    Advice on data protection for online sales

    Advising on data transfer, data protection and privacy in relation to the sale of an online portal and the spin-out of certain other online businesses

    United Kingdom

    Advice regarding data policy implementation

    Advising on and drafting cyber policy wordings for the London market

    United Kingdom

    Advice regarding handling of consumer data breach

    Advising US insureds and insurers with respect to the handling of consumer lawsuits arising from data breaches

    United States

    Advice relating to data storage and disaster recovery

    Advising clients on the international transfer of data for the purposes of data storage and disaster recovery

    United Kingdom

    Advising clients on the ‘breach readiness’ of their systems

    Advising insurance and financial services clients on the review and audit of their systems and processes to ensure procedures are in place to detect, report and investigate personal data breaches

    Australia

    Advising high profile insureds and insurers regarding federal and state law requirements

    Advising high profile US insureds and insurers with respect to federal and state law requirements in connection with large scale breaches involving personal information and protected healthcare information

    United States

    Advising on cyber hacking and loss of customer data

    Advising a regulated business on the cyber hacking of its systems resulting in the loss of significant numbers of customer data including financial, sensitive personal data and credit card details, including identifying and assessing the risks, managing and mitigating loss and monitoring and reporting to the FCA, Fraud Squad and Information Commissioners Office

    United Kingdom

    Advising on matters involving significant breaches of personally information

    Analysing available coverage and advising insurers and insureds involved in significant breaches of personally identifiable information and/or protected health information regarding coverage and/or coverage limitations in connection with first party, regulatory and third party claims

    United States

    Advising regarding email data breaches

    Advising a university following a high profile phishing attack against its students’ university email addresses

    United Kingdom
  • Advising clients on the ‘breach readiness’ of their systems

    Advising insurance and financial services clients on the review and audit of their systems and processes to ensure procedures are in place to detect, report and investigate personal data breaches

    Australia

    First response to data breaches and cyber threats

    Advising clients with regards to first response to data breaches and cyber threats, including in relation to cyber breaches, systems failures and inadvertent disclosures

    Australia

    Major government and regulatory inquiries/investigations

    Managing major government and regulatory inquiries/investigations with expertise in dealing with all of the main Australian regulators including APRA, ASIC, ACCC and the OAIC

    Australia

    Data protection and privacy legislation

    Advising clients on their compliance with local and international data protection and privacy legislation

    Australia

    Post breach review

    Advising international financial services company on post breach review and enhancement of deficient systems, and in relation to staff training and awareness of systems and obligations

    Australia

    Internal data sharing security and management policies

    Advising international reinsurance company on internal data sharing security and management policies

    Australia
  • Data protection legislation across the Middle East

    Advising clients in respect of data protection legislation applicable in various jurisdictions in the Middle East, including the Dubai International Financial Centre, Qatar Financial Centre, Dubai Healthcare City, Dubai Technology and Media Free Zone and twofour54

    United Arab Emirates

    Online product compliance with GCC data protection laws

    Advising a leading, household name technology company in relation to the compliance of its online products with data protection laws in various GCC countries.

    United Arab Emirates

    Employee monitoring policy in the DIFC

    Advising a multinational bank on its policy for employee monitoring in the DIFC.

    United Arab Emirates

    UAE focused data protection policy for leisure company

    Drafting a UAE focused data protection policy for a major hospitality and leisure company

    United Arab Emirates

    Significant data breach and employee disclosure

    Advising a telecommunications hardware provider in relation to a significant data breach involving the disclosure of sensitive employee data

    United Arab Emirates

    CCTV in the office

    Advising companies on the use of CCTV in office premises in various Emirates and free zones in the UAE

    United Arab Emirates

    International bank's data protection in the UAE

    Advising an international retail bank on aspects of data protection, privacy and banking secrecy laws in the UAE and the DIFC

    United Arab Emirates

    DIFC data protection laws and regulations

    Advising various ratings agencies and retail banks on the DIFC Data Protection Law and Regulations

    United Arab Emirates

    Data protection law compliance audit

    Carrying out a data protection law compliance audit of a major insurer, including preparing questionnaires, interviewing personnel and preparing a report with recommendations and actions for the business to mitigate the identified risks

    United Arab Emirates

    University students phishing attack

    Advising a university following a high profile phishing attack against its students’ university email addresses

    United Arab Emirates
  • Ensuring compliance of law relating to cyber risk insurance

    Advising a Canadian insurer on cyber risk insurance wordings for use in the province of Quebec and compliance with Quebec law

    Canada

    International data breaches

    International data breaches involving Fortune 100 companies and residents in numerous countries

    United States

    Data breaches arising from human or external error

    Data breaches involving protected healthcare information (PHI) arising from both human error and external intrusions

    United States

    Business loss cause by service attack

    A distributed denial of service attack, which caused the website of a major retailer to shut down for nearly 72 hours, leading to business interruption loss and other first party loss

    United States

    Coverage and monitoring counsel to cyber insurers

    Coverage and monitoring counsel to cyber insurers in connection with the largest data breaches in history, including breaches involving over one hundred million lost records and cutting edge forensic investigations, which have resulted in substantial breach response costs, public relations expenses and business interruption losses, as well as class action lawsuits in the US and Canada, and regulatory investigations throughout the world

    United States

    Advising high profile insureds and insurers regarding federal and state law requirements

    Advising high profile US insureds and insurers with respect to federal and state law requirements in connection with large scale breaches involving personal information and protected healthcare information

    United States

    Assist regarding the issuance of breach notification letters

    Advising US insureds and insurers with respect to the issuance of breach notification letters in connection with data breaches

    United States

    Advice regarding handling of consumer data breach

    Advising US insureds and insurers with respect to the handling of consumer lawsuits arising from data breaches

    United States

    Advising regarding regulatory investigations by the OCR etc

    Advising US insureds and insurers with respect to regulatory investigations by the OCR and various state attorneys general following data breaches

    United States

    Advising on matters involving significant breaches of personally information

    Analysing available coverage and advising insurers and insureds involved in significant breaches of personally identifiable information and/or protected health information regarding coverage and/or coverage limitations in connection with first party, regulatory and third party claims

    United States
  • Advice on data protection for online sales

    Advising on data transfer, data protection and privacy in relation to the sale of an online portal and the spin-out of certain other online businesses

    United Kingdom

    Advice regarding data policy implementation

    Advising on and drafting cyber policy wordings for the London market

    United Kingdom

    Advice relating to data storage and disaster recovery

    Advising clients on the international transfer of data for the purposes of data storage and disaster recovery

    United Kingdom

    Advising on cyber hacking and loss of customer data

    Advising a regulated business on the cyber hacking of its systems resulting in the loss of significant numbers of customer data including financial, sensitive personal data and credit card details, including identifying and assessing the risks, managing and mitigating loss and monitoring and reporting to the FCA, Fraud Squad and Information Commissioners Office

    United Kingdom

    Advising regarding email data breaches

    Advising a university following a high profile phishing attack against its students’ university email addresses

    United Kingdom

    Cyber liability & data breach insurance policies

    Providing review and drafting of policy wordings for cyber liability and data breach insurance policies

    United Kingdom

    Data & information management

    Advising in regards to data and information management, including compliance, auditing and risk management

    United Kingdom

    Data dispute resolution

    We are highly experienced in data dispute resolution, including court, tribunal and enforcement representations

    United Kingdom

    Data privacy & security advice

    Advising on data privacy and security including data breach investigation and response

    United Kingdom

    Data protection law compliance audit

    Carrying out a data protection law compliance audit of a major insurer, including preparing questionnaires, interviewing personnel and preparing a report with recommendations and actions for the business to mitigate the identified risks

    United Kingdom

Our Data Breach, Response & Recovery team

Lee Astfalck
Lee Astfalck

Partner

Scott Bertschi
Scott Bertschi

Partner

Mark Beswetherick
Mark Beswetherick

Partner

Reece Corbett-Wilkins
Reece Corbett-Wilkins

Partner

Nathalie David
Nathalie David

Partner

James Holmes
James Holmes

Partner

Thomas Lawrenson
Thomas Lawrenson

Consultant

Christopher MacRoberts
Christopher MacRoberts

Partner

John Moran
John Moran

Partner

Reshana Pillay
Reshana Pillay

Partner

Jan Spittka
Jan Spittka

Partner

Show more
View all lawyers

Show more