# THE SIX-WEEK SILENCE

Your Ethical Obligation When Client Data Is Compromised

JD Morris
COO & CoFounder LexAxiom | Agentic AI for the Business of Law | Kazeon → EMC | Dell · VMware · Cisco | Texas A&M MLS Law | Columbia MBA | Berkeley MBA | GW MEng | Auburn Physics

February 19, 2026

**THE TECHNOLOGY BLIND SPOT**

On the morning of July 29, 2017, a network administrator at Equifax renewed an expired TLS certificate. Routine maintenance. The kind of task that barely registers in an incident log. But the moment encrypted traffic resumed flowing through the company’s monitoring tools, alarms lit up across the security operations center. Anomalous outbound data transfers. Unauthorized access patterns. Evidence of exfiltration stretching back seventy-six days, to mid-May, when attackers first exploited an unpatched Apache Struts vulnerability that had been publicly disclosed and patched in March. What happened next became a case study in institutional failure.

Equifax waited six weeks to inform the public that personal records of 147.9 million Americans had been compromised. During that silence, three executives sold $1.8 million in company stock. The notification website Equifax eventually launched forced consumers into terms that waived their right to join a class-action lawsuit. The company lost $4 billion in market value, paid $1.38 billion in settlements and remediation, and handed Congress a textbook example of what happens when an organization treats breach disclosure as a liability management exercise rather than a legal obligation.

Equifax is not a law firm. But the disclosure failures that defined its breach raise a question that every attorney in private practice should be asking: if your firm suffers a breach exposing client data, what exactly do the Model Rules require you to do, how fast must you do it, and what happens when you delay?

**The Direct Answer**

**Your ethical obligations after a breach extend well beyond compliance with state notification statutes. ABA Formal Opinion 483 requires attorneys to monitor for breaches, stop ongoing intrusions, investigate what happened, and notify affected current clients of any material compromise of confidential information. State laws increasingly impose firm deadlines of 30 to 60 days. The SEC can subpoena your client list. And delay compounds every category of harm: financial, reputational, regulatory, and disciplinary.**

This is not a cybersecurity article dressed in legal language. This is an analysis of the ethical framework that governs how attorneys must respond when client data leaves their control.

**The Ethics Framework You Cannot Ignore**

ABA Formal Opinion 483 (2018) established the profession’s most comprehensive guidance on post-breach obligations. The opinion grounded its analysis in three Model Rules that every attorney should know by number.

Originally published on LinkedIn Newsletter: The Technology Blind Spot
