https://www.cyberscoop.com/capital-one-incident-response-mandiant-decision/
By Jeff Stone
CYBERSCOOP
June 11, 2020

When a judge ruled last month that Capital One must provide outsiders with a
third-party incident response report detailing the circumstances around the
bank’s massive data breach, the cybersecurity world took notice.

The surprise decision, in effect, determined that Capital One would need to
provide the forensic details — warts and all — about the hack to attorneys
representing a group of customers suing the bank. It’s the kind of report that,
if made public, could highlight technical and procedural failures that made it
possible for a single suspect to allegedly collect gigabytes of data about 100
million people from a bank with $28 billion in revenue.

Typically, hacked organizations are able to keep incident response reports
private and avoid costly suits by shielding the details under attorney-client
privilege. Not under this decision.

U.S. Magistrate Judge John Anderson of the Eastern District of Virginia ruled
that Capital One must provide a Mandiant report that’s likely to include
“engagement activities, results and recommendations for remediation” in
connection to the breach announced in July 2019. Capital One had argued that
the report should remain protected under legal doctrine.

[...]