IT and data long ago became critical parts of almost any business. These, coupled with the huge increase in popularity of cryptocurrencies, internet banking, and online sales of goods and services, have made cybercrime lucrative for criminals. The impact of cybercrime on victims, both corporate and individual, can be devastating.  

At Stewarts we recognise the inherent risks and difficulties our clients face in responding to a cybersecurity incident. Our specialist team combines vast experience of complex relevant disputes. We have a proven track record of success in relation to our niche legal and technical skills.

We respond extremely quickly and effectively from the first stage of a cybersecurity incident onwards, so that our clients minimise any financial and reputational damage. We also assist with regulatory reporting and investigations.

The expert legal service we provide includes:

  • Pursuing swift interim relief proceedings where appropriate, to assist with the identification of the perpetrators and to recover funds;
  • Responding to and initiating civil litigation claims in relation to data breaches;
  • Leading expertise in criminal law and how clients should respond to police investigations;
  • Immediate reputation management, strategic and legal services, as well as advice upon internal corporate communications;
  • Technical, specialist advice on the data protection legal position to guide the client on whether to report to regulators, and how to communicate with them. Not every breach needs to be reported to regulators;
  • Managing communications and relationships with regulators during investigations; and
  • High level IT knowledge which allows our lawyers to work seamlessly alongside digital investigation and asset tracing teams.

Our advice and representation come hand-in-hand with market-leading litigation funding options, allowing clients to manage their costs risk.

The matters on which we have acted include the following:

  • We recently obtained the first proprietary injunction over a cryptocurrency to be made by the English High. Our client had been defrauded of over £1.2 million of Bitcoin. Having located the wallet in which £1 million of the Bitcoin were held, we brought proceedings against “persons unknown” and obtained a Bankers Trust Order (requiring a crypto-exchange to disclose the identity of the wallet’s owner) and an “asset preservation order” to secure the Bitcoin. Read about the case in full here – A Bitcoin first? Stewarts obtains asset preservation order over cryptocurrency.
  • In a complex commercial dispute arising out of the sale of a portfolio of hotels, our client alleged that the defendant had illegally acquired private and legally privileged information by computer hacking. On that basis – i.e. that the defendant had “unclean hands” – we sought the discharge of certain injunctions. The court ordered that the matter be tried as a preliminary issue (i.e. prior to the main trial) and, shortly afterwards the defendant dropped all his claims. (Orb a.r.l. & others -v- Ruhan  [2016] EWHC 850 (Comm))
  • We successfully applied on behalf of our clients for an order under CPR25.1(1)(c) that our clients had “good reason” to receive electronic data alleged to contain criminal material. (This is the first and only occasion on which such an order has been obtained). Without such an order our clients would have been committing criminal offences under the Protection of Children Act 1978, Criminal Justice Act 1988 and the Serious Crime Act 2007. Having successfully obtained this order, our clients were able lawfully to use this material to: (i) investigate their allegations that the defendant was planning to upload the illegal material to our clients’ servers to incriminate them; and (ii) obtain Norwich Pharmacal injunctions against third parties. (Orb a.r.l. & others -v- Ruhan [2015] EWHC 3638 (Comm)).
  • Acting for clients in commercial litigation in which, amongst other things, the defendant was alleged by our clients to have unlawfully obtained our clients’ data in breach of section 4(4) of the Data Protection Act 1998 and committed a criminal offence under s.55 of that Act. We successfully obtained injunctive relief requiring a third party to disclose information relevant to those allegations. (Pro Vinci Ltd & others v Quest Global Limited [2014] EWHC 4723 (QB); and Pro Vinci Ltd & others v Quest Global Limited [2015] EWHC 1073 (QB)).
  • Acting for a client defending a £multi-million claim alleging hacking and dissemination of confidential information.

If you require assistance, please contact us or request a call from one of our lawyers.

Meet the Cybersecurity team

Our specialist cybersecurity team, comprising some of the UK’s leading litigation lawyers, combines vast experience of complex relevant disputes.

We have a proven track record of success in relation to our niche legal and technical skills.

David Savage - Partner, Financial Crime - Stewarts