August 11, 2020 Top Story

Cyberbreach Leads to Legal Malpractice Claim

Misrepresentation and mishandling of information allows claim to survive

By Jared H. Lorenz

A federal district court has concluded that a plaintiff had sufficiently stated claims based on a law firm’s alleged mishandling of a client’s confidential information. The client alleged that the firm breached the duty of reasonable care to fulfill its professional and ethical obligations when the firm allowed a hacker to breach the firm’s systems and obtain a copy of the client’s asylum application. The decision emphasizes the need to be cautious in protecting clients information against cyber attacks, ABA Section of Litigation leaders say.

A court concluded that a plaintiff had sufficiently stated claims based on a law firm’s alleged mishandling of a client’s confidential information

A court concluded that a plaintiff had sufficiently stated claims based on a law firm’s alleged mishandling of a client’s confidential information

Cavan Images / Collection: Cavan / GettyImages

Vulnerable Target

The litigation in Guo Wengui v. Clark Hill, PLC, et al. arose after a well-known Chinese businessman and prominent political dissident retained a law firm to assist him with an asylum petition. According to the complaint, he allegedly warned the firm of his prominent position as a critic of the Chinese regime, the risks associated with his position as a critic, and numerous cyber attacks directed toward him and his associates.

The defendants agreed to take special precautions in protecting the plaintiff’s sensitive confidential information. They assured him that “they were qualified, capable, and competent to represent plaintiff and to protect his interests fully and professionally.” Relying on these commitments regarding the protection of his confidential information, the plaintiff hired the firm to represent him.

Premium Content For:
  • Litigation Section
Join - Now