On June 27, 2017, the law firm DLA Piper (“law firm”) found itself to be one of many of targets of a recent global cyber attack. The attack reportedly did not compromise any client data. [1] Reports indicate that, even though email service was disrupted by the attack, lawyers were still able to communicate through text messaging and telephone calls. This attack on the law firm, which by all accounts was aptly prepared for a cyber attack, demonstrates that no business is completely safe and incident response preparation will continue to be a key element in cyber security.
This cyber attack was discussed in a recent decision and provides further proof that data breaches should not be the only concern when considering cyber security. In Cone et. al. v. Hankook Tire Co., 2017 WL 3446295 (Aug. 10, 2017 W.D. Tenn.), the District Court for the Western District of Tennessee heard arguments during a show cause hearing on questions whether certain attorneys at the law firm, as counsel for the defendant, Hankook Tire (“Hankook”), should be held in contempt after jurors were mistakenly contacted after trial without the District Court’s permission. While the attorney at the law firm was not held in contempt of court, the District Court made clear that cyber incident, which limited email communications, did not excuse the improper contact of jurors.
The conduct giving rise to the show cause hearing took place after a verdict was returned in favor of Hankook on June 30, 2017. At some point shortly after the case reached a verdict, the court clerk was informed that a “jury researcher” had contact with some of the jurors. This contact violated the local rules because the parties did not have permission from the District Court to contact jurors to discuss the case. On July 20, 2017, the District Court issued an order requiring the parties provide information on the jury researcher.
In response to the order seeking information on the jury researcher, counsel for Hankook filed a statement confirming they hired the jury researcher that followed up with the jurors. However, the response filed by Hankook made clear that one of its attorneys (“Sender Attorney”) put into motion a “series of mistaken assumptions” that resulted in the jurors being contacted without the District Court’s permission. The response indicated the jurors were contacted under the following circumstances:
- On June 27, 2017, prior to the conclusion of the trial, the law firm suffered a cyber attack, disabling the firm’s email.
- On July 3, 2017, Sender Attorney emailed the jury researcher to inform them that a favorable verdict was returned for Hankook. Sender Attorney copied another attorney at his firm (“Copied Attorney”) on this email. The jury researcher responded on the same day asking whether they could contact the jurors. Sender Attorney stated that he thought the jury should be contacted unless the Copied Attorney disagreed.
- On the day after the trial ended, the Copied Attorney was traveling to South Korea and never saw the emails discussing whether the jury researcher should contact the jurors. The Copied Attorney’s email was not restored until some point after Sender Attorney’s email had been sent.
Based on this timeline, Copied Attorney was not aware of Sender Attorney’s email until some point after the District Court issued the order seeking information on how jurors were contacted after the trial. Copied Attorney further stated that if he would have seen the emails, he would have instructed Sender Attorney to reach out to the other attorneys working on Hankook’s defense to determine if the jurors could be contacted by the jury researcher. Unfortunately, with Copied Attorney silent on the issue, Sender Attorney and the jury researcher “mistakenly assumed” there was no reason to hold off on contacting the jurors.
The District Court found that Sender Attorney’s violation of the local rules was the result of “a series of questionable assumptions,” but did not rise to the level of contempt of court. While the holding in Cone may have little or no impact on the overall case, the District Court’s finding that there was a series of mistaken assumptions illustrates the impact that a cyber incident may have on the daily operations of any business. In short, this cyber attack is further proof that we will likely continue to see cyber incidents causing communication disruptions in a variety of businesses.