Court Orders Capital One to Release Mandiant Forensic Report on Data Breach

ZDNet reports that Magistrate Judge John Anderson from the US District Court for the Eastern District of Virginia ordered Capital One to turn over a copy of a forensic report prepared for Capital One by Mandiant to attorneys suing the firm on behalf of customers impacted by a massive 2018 breach.  Roughly 100 million US citizens and 6 million Canadian citizens had their data stolen from Capital One. The decision is significant because victims of data breaches routinely assert attorney-client and work product privileges in connection with forensic reports prepared in anticipation of litigation. Here Judge Anderson stated that "[t]here is no question that at the time Mandiant began its 'incident response services' in July 2019, there was a very real potential that Capital One would be facing substantial claims following its announcement of the data breach. Therefore, the determinative issue is whether the Mandiant Report would have been prepared in substantially similar form but for the prospect of that litigation." The judge found that the Mandiant report would have been produced in any event, and declined to find that it was privileged.