Internet Law & Cyber-Security

Filter By Topics: Topic

We're Sorry

No Results Found

We're Sorry

No Results Found

We're Sorry

No Results Found

MONTH-IN-BRIEF (Jun 2020)

Cybersecurity

Law Firm Faces Counterclaim in ERISA Case due to Work from Home and Personal Email Policies

By Jessica Poggi, Duke University School of Law

A Pennsylvania law firm is facing a claim that its lax security procedures contributed to the theft of $400,000 worth of 401(k) funds from the firm’s retirement accounts. Leventhal v. MandMarblestone, Grp., C.A. No. 18-cv-2727 (E.D. Pa. May. 27, 2020).  According to the pleadings, criminals were able to gain access to the funds by obtaining a copy of an employee’s withdrawal receipt. The criminals then used the information to remove the entirety of the funds in the employee’s account.

The firm, Leventhal Sutton & Gornstein, sued the third-party administrator of the account, alleging that the administrator breached its fiduciary duty by allowing the criminals to access the funds. The administrator then filed a counterclaim against the firm, asserting that by allowing employees to work from home and use their personal emails for business, the firm created a cyber-security risk. The administrator further alleges that the risk constitutes a breach of the firm’s duty as a co-fiduciary under the Employee Retirement Income Security Act. U.S. District Judge Mitchell S. Goldberg allowed the counterclaim to move forward, noting that ERISA allows for claims of contribution and indemnity.

Data Privacy

Airbnb & NYC Settle Customer Data Suit

Login or Registration Required

You need to be logged in to complete that action.

Register/Login