Goldman Sachs Says Some Clients' Data May Have Been Exposed in Law Firm Data Breach - DataBreaches.Net

Goldman Sachs Says Some Clients' Data May Have Been Exposed in Law Firm Data Breach - DataBreaches.Net

Briefly

"Goldman Sachs Group Inc. warned investors in some of its alternative investment funds that their data may have been exposed in a breach at one of the bank's law firms. In a Dec. 19 letter, Goldman said it had been informed of a "cybersecurity incident" by Fried Frank Harris Shriver & Jacobson LLP, which serves as outside counsel to many of its alternatives funds. The bank said it was working with the law firm "to better understand whether our data or our clients' data may have been exposed.""

"The letter was included in a proposed class lawsuit* filed Wednesday against Fried Frank by Andrew Sacks, an investor in Goldman's Petershill Private Equity Seeding II Offshore Fund. "Goldman Sachs' systems were not impacted by this incident and remain secure," a spokesperson for the bank said. "As always, we will continue to work to safeguard our clients and their data." * The case is Sacks v. Fried, Frank, Harris, Shriver & Jacobson LLP. As Shweta Watwe of Bloomberg Law reports, Goldman Sachs is not a defendant in the suit."

"DataBreaches emailed Fried Frank to ask a few questions. Specifically, DataBreaches asked: Why does Fried Frank believe that any data that was exposed was "unlikely to be distributed or used improperly?" Did Fried Frank pay any ransom demand to get data deleted, or is there some other reason to believe it is unlikely to be used improperly or shared? Please explain. How many other clients of Fried Frank were affected, or was Goldman Sachs the only one? Was any HIPAA-protected data (protected"