A hacked US law firm must hand over a cybersecurity consultancy’s investigation report to a client after a judge ruled it wasn’t protected by attorney-client or work-product privilege. Filed under IT & Data Protection Topics Cybersecurity Data privacy Disputes Organisations Capital One FBI