Ruth Promislow, partner at Bennett Jones LLP, says police and external legal counsel should be near the top of your list of contacts after a data breach. Having outside counsel is important, she says, because correspondence with in-house counsel has been held not to be privileged. She practices commercial litigation with a focus on commercial crime, including cybersecurity, investment fraud, employee fraud and anti-money laundering. She oversees and conducts internal investigations for clients, working with internal and external auditors.”]
Source: https://www.cuinfosecurity.com/who-should-be-contacted-after-breach-a-10309