Goldman Sachs Warns Fund Clients of Potential Data Exposure After Law Firm Cyberattack

Goldman Sachs warns fund clients of possible data exposure after law firm Fried Frank suffered a cyberattack; bank's systems remain secure.

EcoPulse24 News Desk By EcoPulse24 News Desk Published: 12/25/2025, 10:08:00 UTC Updated: 1/21/2026, 20:53:34 UTC
Share
Goldman Sachs Warns Fund Clients of Potential Data Exposure After Law Firm Cyberattack
Goldman Sachs Warns Fund Clients of Potential Data

United States | EcoPulse24

According to Bloomberg, Goldman Sachs has warned some investors in its alternative investment funds about the potential exposure of their data following a cyberattack that targeted Fried Frank Harris Shriver & Jacobson LLP, a law firm providing legal services to the bank.

In a letter dated December 19, Goldman Sachs stated it had been notified of the cybersecurity incident at Fried Frank, which serves as external counsel to several of the bank’s alternative investment funds. The bank noted it is working with the law firm to determine whether any bank or client data was compromised.

The disclosure came to light as part of a proposed class action lawsuit filed Wednesday against Fried Frank by Andrew Sachs, an investor in Goldman Sachs’ Petershill Private Equity Seeding II Offshore Fund.

Goldman Sachs confirmed in an official statement that its internal systems were unaffected by the incident, emphasizing that its systems remain secure and that it continues to uphold the highest standards in protecting client data.

Fried Frank did not immediately respond to requests for comment but informed Goldman Sachs that its network is now secure and the vulnerability exploited in the breach has been resolved. The law firm also indicated that any accessed data is unlikely to be distributed or misused.

Goldman Sachs further stated in the letter that it is conducting an independent assessment of the law firm’s cybersecurity measures to verify the effectiveness of the remediation, reiterating that data security is a top priority for the bank.

The U.S. District Court for the Southern District of New York is currently reviewing the case, which could spark a broader discussion on the cybersecurity risks associated with external service providers relied upon by major financial institutions.

Analytical Perspective | EcoPulse24

This incident underscores that cybersecurity risks are no longer confined to banking systems themselves but extend to external partners such as law firms and service providers. As financial institutions increasingly depend on third parties, the importance of digital risk governance and comprehensive data protection standards across the entire value chain grows - particularly in the alternative investment sector, which handles highly sensitive and valuable data.

Sources & References
Bloomberg
Editorial Note
Edited & Reviewed by the Ecopulse Editorial Board 1/21/2026, 20:53:34 UTC
Disclaimer
The content provided by EcoPulse24 is for informational and educational purposes only and does not constitute financial, investment, legal, tax, or any other type of professional advice. By using this content, you agree to the Terms & Conditions. All opinions expressed are those of the EcoPulse24 editorial team and do not represent the views of any third-party data providers or institutions. Investments involve risk, including the possible loss of principal. Past performance is no guarantee of future results. Readers should conduct their own due diligence and consult qualified professional advisors before making any investment decisions. EcoPulse24 and its affiliates, editors, and contributors shall not be held liable for any errors, omissions, or any losses, injuries, or damages arising from the use of this information.

© 2025 EcoPulse24. All rights reserved.