Data Breach

Data Breach

We have assisted our clients with more than 1,000 data breaches worldwide. Our experience assisting clients with highly complex, large-scale security breaches is renowned.

Companies spend an average of $5.5 million rebuilding their brand and retaining customers after suffering a data breach. The number of cyber attacks continues to rise at an unprecedented rate. Based on a recent study, the average cost of a data breach has increased 15%. Given the potential costs associated with a data breach or cyber incident, companies need a law firm with significant experience when an information security incident occurs.

Our extensive work assisting clients with data security breaches distinguishes Hunton & Williams LLP from other firms. Since the original enactment of California’s security breach notification law in 2003, we have assisted clients with more than 1,000 information security breaches. Many of these breaches have included watershed incidents that garnered headlines across the globe. We have worked on a wide range of breach issues for companies, from the simple theft of a laptop to cyber-extortion against a publicly traded company. We regularly serve as liaison to the US Secret Service, FBI, US Department of Justice and Federal Trade Commission on behalf of our clients in these matters. Because of the complexity of the issues, we approach data security and possible breaches in an interdisciplinary fashion.

Our Clients
We represent a diverse group of clients with respect to data security breaches, including retailers, consumer goods companies, food companies, energy companies, manufacturers, high-tech companies, financial institutions, financial services companies, electronic publishers, health care providers, medical device companies and insurance issuers.

A Comprehensive Approach
Hunton & Williams provides comprehensive counseling through an integrated team of legal professionals in the three critical legal areas implicated by data security breaches and cyber incidents: (1) privacy and regulatory response (including SEC compliance), (2) government and internal investigations and (3) remediation and litigation.

An Integrated Team
Our global privacy and cybersecurity practice has been named the world’s leading global privacy practice by Computerworld magazine in each of its four surveys. Chambers and Partners also has recognized the preeminence of Hunton & Williams' privacy and cybersecurity practice in its Chambers Global, Chambers USA and Chambers UK guides, identifying the firm in “Band 1” for Privacy and Data Security. With recent experience in the federal government, our cyber and internal investigations lawyers bring together years of experience in handling significant data security breach investigations. We have extensive experience working on cybersecurity matters with federal prosecutors, FBI and Secret Service, investigators, the FTC and other government agencies. Our corporate and securities lawyers have counseled the world’s top companies and boards of directors in disclosure requirements arising from data security breaches.

Post-Breach Counseling
In the event of a breach, our lawyers bring a wealth of experience, having handled some of the most significant breaches in the past decade. Our integrated approach ensures that the best privacy, internal investigations and securities law counseling is provided in a coordinated manner at a time when companies often feel under siege and in crisis.

Our Experience
Hunton & Williams’ global privacy and cybersecurity practice focuses on providing legal services in the cybersecurity context, including:

  • Analysis of legal requirements under state, federal and international breach laws.
  • Comprehensive assistance with significant information security breaches, including network intrusion investigations, customer notification, state and federal regulatory negotiations, discussions with payment card issuers, and public relations, call center and investor relations communications and training.
  • Preventing and managing cyber events, from security planning, risk assessment and cybersecurity insurance coverage, to incident response and litigation and other disputes.