Experience
Represented Client in Digital Forensics Investigations
Acted as breach counsel for a major nationwide mortgage lender which required digital forensics investigations involving over 30 states.
Represented Client in Business Email Compromise Event
Acted as breach counsel for a 200 year old non-profit organization who was targeted by a business email compromise. A threat actor posed as a known vendor and sent fraudulent wire transfer instructions via e-mail. Dinsmore swiftly acted to file an IC3 with the FBI and requested a financial fraud kill chain which resulted in a full recovery of the fraudulent transfer.
Advised Client in Unauthorized Email Access
Our firm jumped in when a major privately-owned US energy company was notified that an employee email account of a third party service vendor had been subject to unauthorized access for a period of a week due to a phishing scheme. The unauthorized access exposed energy company PII for thousands and required notice obligations around the country.
Defended Government Agencies in Charles Littlejohn Breach
Acted as breach counsel for multiple government agency clients that received notice letters that their information had been improperly accessed by an IRS employee. This incident, part of the Charles Littlejohn Breach, involved Charles Littlejohn, who stole tax return data of thousands of high-net-worth individuals and related entities between 2018 and 2020. He provided the stolen information to a journalism organization and other outlets. Littlejohn pled guilty to unauthorized disclosure of tax returns and was sentenced to five years in prison in January 2024.
Advised Client in Fraudulent Transfer that started with Phishing Attack
Acted as breach counsel for a leading energy production company that was targeted by a phishing attack using a fraudulent vendor domain. The threat actor gained access to an employee's e-mail, created rules to conceal communications, and diverted over $2 million to a fraudulent account. Dinsmore swiftly acted to file an IC3 with the FBI and requested a financial fraud kill chain which resulted in a full recovery of the fraudulent transfer.
Represented Client in Business Email Compromise Event
Acted as breach counsel for an entertainment company, operating since 1919, who was targeted by a business email compromise. A threat actor posed as a known vendor and sent fraudulent wire transfer instructions via e-mail. Dinsmore swiftly acted to file an IC3 with the FBI and requested a financial fraud kill chain which resulted in a full recovery of the fraudulent transfer.
Defense of Ransomware Incident for Multi-State Company
Acted as breach counsel for a multi-state medical service company involved in a ransomware incident. Our client was diligent in identifying unusual behavior, including the presence of encrypted files within their network environment and quickly notified Dinsmore to assist and navigate them through the attack. The incident exposed thousands and required notice obligations around the country.
Counseled Healthcare Technology Client in Breach Incident
Acted as breach counsel for a healthcare technology company that disclosed enterprise-wide connectivity issues and service application interruptions, attributing them to the ALPHV/Blackcat ransomware as a service (Raas) threat actor. This incident affected healthcare provider customers across the United States.
Served as Counsel for Cybersecurity Incident
Acted as breach counsel for a major nationwide mortgage lender during a cybersecurity incident involving compromised employee email accounts.
Defense of Data Breach Class Actions
Representation of health care and other industry clients in data breach class action litigation in both federal and state courts, drawing upon extensive expertise in litigation, data privacy and security laws and regulations, and data breach incident response and remediation, achieving dismissal of claims, successful narrowing of classes and prevailing on class certification, and favorable resolutions for clients up to and including outright dismissal.
Representation in Cyber Incident Response and Remediation
Representation of private and governmental entities in all aspects of cyber incident response, including working with federal and state authorities, conducting forensic investigations, guiding mitigation and remediation efforts, ensuring compliance with federal and state notification and other regulatory obligations and enforcement actions.
Representation of Health Care Clients in OCR/HIPAA Enforcement Actions and Investigations
Representation of numerous health care clients in OCR investigations relating to alleged HIPAA violations. The vast majority of these investigations have resulted in OCR deciding either: 1) no breach or violation occurred or 2) to close its investigation after the client’s response and documentation were provided.