SEC Files Subpoena Enforcement Action Against Law Firm Covington & Burling LLP Seeking the Names of Entities Whose Non-Public Information Was Accessed by Threat Actors Who Accessed Covington's Computer Network

Litigation Release No. 25612 / January 12, 2023

Securities and Exchange Commission v. Covington & Burling LLP, No. 1:23-mc-00002 (D.D.C. filed Jan. 10, 2023)

The Securities and Exchange Commission ("SEC") announced that it has filed an application seeking an order directing the law firm Covington & Burling LLP ("Covington") to comply with a narrow subpart of an investigative subpoena for documents.

According to the SEC's filing in U.S. District Court for the District of Columbia, the SEC is investigating potential violations of the federal securities laws arising from the Microsoft Hafnium cyberattack, including, among other things, potential illegal trading and disclosure violations arising from the cyberattack. According to the filing, in or around November 2020, threat actors associated with the Microsoft Hafnium cyberattack maliciously and unlawfully obtained access to Covington's computer network and certain individual devices, including access to non-public files of nearly 300 Covington clients that are regulated by the SEC. The SEC learned of the cyberattack on Covington in early 2022 and issued the subpoena soon thereafter. Through its subpoena enforcement action, the SEC is seeking only the names of those clients whose files were viewed, copied, modified or exfiltrated by the threat actors. According to the filing, the SEC seeks this information to assist it in identifying any suspicious trading by the threat actors or others in those clients' securities, and whether such trading was illegal based on material non-public information that the threat actors viewed or exfiltrated as part of the cyberattack. In addition, the information will assist the SEC in determining whether the impacted clients made all required disclosures to the investing public about any material cybersecurity events in connection with the cyberattack. To date, Covington has refused to provide the names of all but two of the clients, and those two clients consented to providing their names to the SEC.

The SEC's application seeks an order from the court directing Covington to show cause as to why the court should not compel it to produce the documents as required by the subpoena. The application further seeks an order from the court, following its ruling on the order to show cause, directing Covington to comply with the subpoena. The application is subject to the court's ruling. The SEC is continuing its fact-finding investigation and, to date, has not concluded that any individual or entity has violated the federal securities laws.