Fried Frank Hit With Goldman Investment Data Breach Suit (2)

International law firm Fried, Frank, Harris, Shriver & Jacobson LLP failed to adequately safeguard the sensitive personal information of account investments associated with a Goldman Sachs private equity fund, a class action alleged Wednesday.

Goldman Sachs Asset Management LP confirmed a security incident might have exposed account holders’ information, but the law firm hasn’t notified account holders or offered credit monitoring services, the complaint filed in the US District Court for the Southern District of New York said.

“Fried Frank recently experienced a data security incident,” a spokesperson for the firm said in an emailed statement responding to an inquiry about the lawsuit. “We promptly acted to contain the incident and engaged industry-leading, external data security experts to assist in our response and in verifying the security of our systems and reported the matter to law enforcement. We have served and continue to serve our clients without disruption.”

Plaintiff Andrew Sacks said he had investment accounts with the Petershill Private Equity Seeding II Offshore Fund, which was managed by Goldman. The asset manager then entrusted Fried Frank to store sensitive personal data like addresses, social security numbers, and banking information, the complaint said.

But Sacks “is especially alarmed that he has yet to be notified” by the law firm that his data was compromised, the complaint said, and was instead only notified by Goldman.

The investment bank told investors of the incursion in a Dec. 19 letter filed with the complaint. The Wall Street law firm serves as outside counsel to many of Goldman’s alternatives funds. “We have been working closely with Fried Frank to better understand whether our data or our clients’ data may have been exposed. This analysis is ongoing and we will provide client-specific notifications as we learn more,” the letter said.

He said that if he’s known Fried Frank’s computer systems weren’t secure, he wouldn’t have trusted Goldman with his personal information.

“Goldman Sachs’ systems were not impacted by this incident and remain secure,” a spokesperson for the bank has said. “As always, we will continue to work to safeguard our clients and their data.”

The law firm hasn’t made offers to compensate victims for the data breach, and the victims can “face multiple years of ongoing identity theft,” according to Sacks’ complaint.

Sacks seeks to represent a class of every person whose data was compromised as a result of the breach and who were notified on or after December 19.

He brings claims for negligence, breach of implied contract, breach of fiduciary duty, and unjust enrichment. Sacks is seeking damages as well as a requirement that the law firm pay for at least 10 years of credit monitoring.

Sacks is represented by DannLaw.

The case is Sacks v. Fried, Frank, Harris, Shriver & Jacobson LLP, S.D.N.Y., No. 1:25-cv-10693, complaint filed 12/24/25.