Gordon Rees Scully Mansukhani, LLP. logo.

Cyber, Privacy & Data Security

Our national team of lawyers has vast experience resolving all manner of privacy and data security claims for our clients in the public, financial, healthcare and general commercial industries. We have defended hundreds of class actions, third-party demands and government investigations involving data breaches, fund-transfer fraud, cybersecurity preparedness, tracking software claims, breach of contract and many other privacy and data-related issues. Our strength is backed by years of experience helping our clients respond to litigation arising out of data security incidents and cyberattacks and includes a close partnership with the risk management lawyers in our Privacy & Data Protection team to provide a case-specific strategy to respond to litigation. Cyber Incidents know no boundaries, and representing clients in federal, state, and multi-district litigations, our team leverages our experience across our 50 state platform to get the best results for our clients, wherever they face claims, nationwide.

Businesses face new and growing cybersecurity threats every day. We are seasoned commercial litigators with years of experience guiding clients through these complex issues in both standard technology related suits as well as large class action lawsuits where classes can range into the millions. We have litigated on behalf of clients in the financial services, healthcare, online retail and many other industries, as well as municipalities and other public sector entities and, based on our extensive experience in this sector, we have our finger on the pulse of what the law is, and how it is evolving, which allows us to provide efficient and tailored legal services to our clients. We also counsel clients and defend them in response to regulatory inquiries and investigations, including by the Federal Trade Commission and state Attorneys General. And, where necessary, we assert claims for clients who suffered economic loss due to data breach.

Recently, we have:

  • Resolved in excess of one hundred nationwide data breach class action cases alleging claims on behalf of tens of millions of putative class members and ensuring minimal reputational and monetary harm to our clients
  • Represented some of the largest healthcare companies in the country in complex tracking technology and Pixel related litigation in jurisdictions across the nation
  • Represented large financial, commercial and healthcare institutions in complex class action lawsuits involving statutory allegations, including among others, a multitude of state consumer protection statutes, the Illinois Biometric Information Privacy Act (BIPA), the California Confidentiality of Medical Information Act (CMIA), the California Consumer Privacy Act (CCPA), and the California Invasion of Privacy Act (CIPA).
  • GRSM is well versed in Multidistrict Litigation in data breach and privacy related litigation, and recently lead the charge to achieve formal centralization and consolidation of dozens of related data breach class action lawsuits from around the country
  • Counseled corporate clients through governmental and internal investigations

A single data breach can result in claims in many jurisdictions. With lawyers based in every state in the nation, GRSM provides a single, coordinated response aimed at eliminating, reducing and consolidating claims. This approach can lead not only to a more effective strategy but also considerable cost savings for our clients.

Our litigators work closely with the lawyers in our Privacy & Data Protection team, who work with our clients every day to prepare for future cyberattacks, ensure compliance with data privacy laws and regulations and minimize the associated risks. This approach pays dividends in the event of future litigation, not only because our clients are fully prepared, but also because our cross-disciplinary team has a deep knowledge of our clients’ businesses and how their technology works.

We have years of experience responding to cybersecurity incidents; which helps inform our litigation approach on behalf of our clients in the event these incidents lead to litigation. We have experience working with our clients’ management teams, IT professionals and in-house counsel to navigate the dynamic situation that follows a data breach, helping them to meet their reporting requirements, work with third-party forensics experts and address reputational issues.

Related Content