Sami Martin Qureshi

Mr. Qureshi's experience includes advising:

• Meta (previously Facebook) in various multi-jurisdictional and high-profile data protection regulatory inquiries
• A global cryptocurrency coin exchange in response to a series of targeted account take-overs and cyberattacks, and in relation to general cyber security resilience, threat triage, and data privacy challenges
• A multinational enterprise software company in response to major cross-border Lockbit 3.0 supply chain cyberattack and service outage
• A market leading identity verification and fraud prevention company on investigation by the UK ICO
• A US-headquartered non-fungible token (NFT) marketplace in response to cyberattack, data theft, and ransom
• A US-based, industry-leading artificial intelligence developer in connection with regulatory scrutiny and investigation by UK and US law enforcement agencies
• The UK ICO, on all elements of strategy, investigation, and enforcement flowing from Operation Cederberg*
• A major Credit Reference Agency in connection with an industry-wide audit of the data-broking sector by the UK ICO*
• A leading UK/European stock exchange with respect to a cyberattack and incident response arising out of vulnerabilities identified within the systems of a recently acquired subsidiary company and following conclusion of the highly valuable and widely reported acquisition*
• A global brewery / beverage retail group of companies in relation to a major REvil cyberattack and data breach following deployment of ransomware within the organization*
• A global Credit Reference Agency with respect to an extremely high volume of Data Subject Access Requests purportedly brought on behalf of individual consumers by a claims management firm (which targets financial services companies and banks)*
• An international group of laboratories headquartered in Luxembourg with respect to two highly impactful and widely publicized cyberattacks and related data breaches*
• A multi-billion dollar US-based aerospace industry manufacturer with respect to corporate data theft, including forensic investigation, evidence analysis, suspect interviews, and liaison with data protection regulators and law enforcement agencies*
• The non-profit wing of a global financial services corporation / payment card scheme in relation to a multi-jurisdictional personal data breach*
• The UK ICO through an expert panel responding to a citizen-jury report examining the issue of explainability in artificial intelligence / machine learning technologies*
• An international brewery / beverage company in response to a series of alleged data breaches and connected legal claims*
• A UK consumer credit company with respect to claims brought for alleged breach of data protection law*
• A UK City Council with respect to repelling contentious Freedom of Information Act requests which sought to expose sensitive commercial information about a large scale city infrastructure project*

*Matter handled prior to joining Latham