In July 2019, notorious hacker, Paige Thompson committed what is now recognized as largest known data breach in the American banking sector. Ms Thompson accessed the personal data of 106 million Capital One customers by ‘misconfiguring’ the Amazon Web Services server holding their data. This data breach exposed the personal information of millions of customers including their: names, phone numbers, addresses, birthdays, emails and credit scores. It also exposed 140,000 social security numbers, the details of 80,000 bank accounts and 100 million credit card applications. Ms Thompson was sentenced to a maximum of five years’ imprisonment and fined $250,000 USD.
Following the cyberattack, Capital One’s insurer refused to pay out the $400 million insured by the policy. The insurer claimed that they were not required to payout the insurance funds as Capital One failed to adequately implement internal security protocols which, if implemented, would have prevented the breach from occurring. The cybersecurity firm advising Capital One was required to tender the advice provided as evidence against the client in court. This exposed Capital One to the risk of further liability and the possibility of not receiving an insurance payout or receiving a substantially lower payout.
Had the cybersecurity advice been provided by lawyers, the advice would have been subject to legal professional privilege. This means that the advice would have been considered confidential legal advice and likely to held to be inadmissible in court, thus, limiting Capital One’s liability. Luckily, here at Wise Law, our cyber advice is provided by lawyers. This means that the advice we provide you is subject to legal professional privilege and kept confidential.
Book your cyber audit today!
Emmanuela Yiolitis is a final year Bachelor of Laws (Hons) / Bachelor of Arts student at La Trobe University. She is is currently writing a law honours thesis on the prosecution of cybercrime under the supervision of Professor David Watts. Outside of WiseLaw, she works as a paralegal to a leading barrister and as a customer success specialist with Immediation Pty Ltd.
Find out more about how we can help you improve your cybersafety, protect your business continuity in uncertain times, and protect your clients from malicious actors.