The copious amounts of spreadsheets in the collection were apparently handed over to Gary Sinderbrand, the former financial adviser, with no confidentiality agreement. Angela A. Turiano, the lawyer who sent him the files on a CD, explained that what happened was a mistake caused by working with an outside vendor. That vendor was supposed to vet the documents as part of the court's discovery process and ensure Sinderbrand only received a handful of emails and files related to the case. The plaintiff was also supposed to receive a protective order issued by a judge with the files, but he didn't get one, as well.
Turiano said she asked Sinderbrand and his lawyer to return the CD. The lack of confidentiality agreement means the former adviser can legally release all the information he got, after all. If he does, it's Wells Fargo that will be in even more trouble. According to NYT, the vendor error can be classified as a data breach that "potentially violates a bevy of state and federal consumer data privacy laws that limit the release of personally identifiable customer information to outside parties." Considering the affected clients aren't your Average Joes, they can more than afford to hit the bank where it hurts.
It's unclear if Sinderbrand will comply with Turiano's request. His lawyer said the plaintiff plans to keep the CD secure and confidential for now as they "evaluate his legal rights and responsibilities." Either way, it was Wells Fargo's job to keep those clients' data under lock and key. If it can fail to protect its top customers, then what hope is there for the rest of us?