Data breaches are no longer isolated incidents—they are inevitable events that expose millions of records and drive costly litigation. When these breaches evolve into class actions, administrators stand at the center, responsible for protecting sensitive data and managing large settlement funds. This presentation examines the escalating threat environment, the limitations of insurance, and the proactive measures organizations must adopt. It also explores the legal and ethical responsibilities at stake, the risks that emerge during litigation and settlement, and the real-world lessons learned from cases that went wrong. Together, these insights provide a roadmap for strengthening resilience against today’s most dangerous cyber threats.
CLE Learning Objectives:
Identify and assess the latest cybersecurity threats impacting class action litigation, including current breach statistics, trends in targeted attacks, and industry sectors most vulnerable to cybercriminal activity
Recognize key vulnerabilities across the entire class action lifecycle-from the initial data breach through litigation and settlement administration-and how these vulnerabilities can be exploited by threat actors
Breakdown the legal and ethical obligations related to data security in class action practice, including compliance with professional responsibility rules such as ABA Model Rule 1.6, court expectations around disclosure and data handling, and how failing to meet these obligations can expose counsel and their clients to significant legal liability
Evaluate the limitations of cybersecurity insurance coverage by analyzing common exclusions, gaps in protection, and policy ambiguities
Implement practical and proactive cybersecurity protocols throughout the litigation and settlement process, including strategies for incident response, internal risk management, secure data transfer, and vendor due diligence
Anticipate and prepare for emerging cybersecurity threats, including increasingly sophisticated social engineering attacks, deepfakes, and the use of generative AI in fraudulent claim submission or impersonation
