Chapman Spingola’s Peter Spingola and Mike Fatall successfully represented a global leader in the provision of IT-based transaction management and data analytics services to retail energy service providers in connection with a sophisticated ransomware attack. The attack caused a complete shutdown of certain client IT production systems, adversely affecting its retail energy customers, public utilities and trading partners in the energy transaction services supply chain.
The firm’s representation highlighted the multidisciplinary approach often required to navigate clients through a cybersecurity incident successfully. Peter and Mike deployed members of the firm’s cybersecurity, litigation and transactional practices to navigate the client through the various stages of the incident, including investigation and forensics analysis; remediation efforts; handling customer, utility and trading partner claims; and negotiating and re-negotiating going-forward contractual arrangements.
With Chapman Spingola’s counsel, the client was able to minimize system downtime, limit damages exposure and maintain workable and efficient going-forward security controls.
Given the involvement of certain public utilities, the firm also presented arguments in New York Public Service Commission proceedings intended to establish and update applicable state-wide cybersecurity obligations. Chapman Spingola’s participation in these proceedings helped shape the nature and scope of the cybersecurity requirements ultimately imposed by the public utilities, including helping to educate the utilities and other participants on the importance of imposing risk-appropriate data security obligations, especially where access to critical energy infrastructure was not involved.