Matthew E. Yarbrough

Key High-Profile Matters:

Since 1996, lead investigative, trial and/or advisor on over 2,000+ privacy, cybersecurity and data breach incidents in the United States and internationally.

Prosecuted the first data-intercept and voice communications wiretap of a coordinated hacker organization criminal ring against telecommunications companies in U.S. history, US v. Phonemasters (NDTX).

Acted as lead prosecutor in one of the largest ever theft of trade secrets cases brought under the Federal Economic Espionage Act (EEA), US v. Tejas (NDTX).

Acted as lead prosecutor in “Operation Seek & Keep,” resulting in the take down of the largest international money laundering and human trafficking operation in U.S. history, US v Shetty, aka Diaz (SDNY & NDTX).

Successfully defeated DOJ at trial in the defense of a multinational food industry corporation indicted by DOJ as part of an alleged corporate conspiracy to smuggle undocumented workers into the US, US v Tyson’s Chicken, DeLeon (NDTX).

Acted as lead prosecutor in criminal work-site enforcement case against large restaurant operator, resulting in the largest multi-million dollar criminal corporate fine against an employer in the nation, US v Pappadeaux & Pappacitos (NDTX).

Intellectual Property (IP) – Patent, Trade Secret, Trademark and Copyright Litigation:

Acted as lead prosecutor in the largest theft of trade secret cases prosecuted under the Economic Espionage Act (EEA) involving the theft of intellectual property via the hacking of a major U.S. manufacturer of turbine engines and sale of embargoed oil and gas machinery to Iran, US v. Tejas (NDTX).

As Counsel for Scott and Bacou obtained a favorable settlement in defending against five patents relating to breathing apparatuses for firefighters. Air Measurement Technologies, Inc. v. Scott Technologies, Inc. (WDTX) and Air Measurement Technologies, Inc. v. Bacou USA Safety, Inc. (WDTX).

Represented BMC Software in IP infringement action arising from the circumvention of measures that controlled access to copyrighted material; obtained civil search & seizure and with U.S. Marshalls conducted raid to seize evidence; obtained Consent Judgment of $1 million and Permanent Injunction, BMC Software v. CrabbyHacker.com (SDTX).

Represented large audio products manufacturer and executed a civil search warrant and seizure of counterfeit goods, obtained a permanent injunction and judgment of $1.25 million in trademark infringement case, Bose Corp. v. Vertigo Online (SDNY).

Represented large enterprise software company and obtained civil search and seizure order, and with U.S. Marshalls conducted raid to seize evidence. Obtained consent judgment of $1 million and permanent injunction for copyright infringement action arising from the circumvention of encryption measures that controlled access to copyrighted material under the Digital Millennium Copyright Act (DMCA), BMC Software v. CrabbyHacker.com (SDTX).

Obtained $5 million jury verdict for false advertising under the Langham Act and claims for misappropriation of business method in a case arising from the defendants’ palming-off of plaintiff’s IP and work, NDE Inc. v. Rainforest Creations(EDTX).

Cybersecurity, Hacking and Data Breach Matters:

Represented MGM Resorts International in one the largest ever data breach investigations concerning a gaming, hospitality, and entertainment company with regards to the exfiltration of customer PII on the Darknet successfully resulting no fines, penalties, or civil actions brought by states attorneys general.

Acted as lead prosecutor in US v. Gl0balHell, largest hack against U.S. Internet Service Providers (ISPs) by an organized criminal group of hackers known as Gl0balHell, US v. Gregory (NDTX).

Acted as lead trial counsel in DHS-Excel v. TTS (NDTX), involving claims under the Computer Fraud and Abuse Act (CFAA) in a civil context concerning the anti-competitive hacking of client’s computer system by a business rival resulting in an award of $10 million in damages for client.

Lead counsel representing plaintiff enterprise software company BMC against Crabby Hacker in a case involving a civil ex parte search warrant and claims concerning theft of trade secrets, Digital Millennium Copyright Act (DMCA) and trademark, BMC Software v. The Crabby Hacker (SDTX).

Defended 7-Eleven as a corporate victim on security breaches resulting from criminal tampering of POS terminals and ATMs; manages and led forensic investigations, breach notification and PR efforts surrounding crisis management resulting in the successful prosecution of threat actor by the US Secret Service and FBI, US v. Gonzales (D.Mass.).

Acted as lead counsel in representing virtual payment industry client, involving claims under the Computer Fraud and Abuse Act (CFAA) in a civil context concerning the alleged hacking of client’s computer system and theft of trade secrets by a business competitor, NexPay v. StoneEagle (NDTX).

International Corporate Investigations Against Government Entities, FCA-Whistle Blower, and “White-Collar” Matters:

Defeated the U.S. Attorney’s Office at trial and successfully defended Tyson’s Chicken corporate HR Manager indicted by the DOJ as part of a nationwide alleged conspiracy by the Board of Director’s to smuggle and employ undocumented workers, US v. DeLeon (NDTX).

Defended New York law firm and investigator in civil SEC investigation of alleged insider trading and collusion between law firms and hedge funds known for taking “short” positions on stocks. After defending client throughout “Wells” submission process, the SEC closed its investigation and dismissed case without instituting civil or criminal actions (SDNY/NDTX).

Successfully defended large national consulting firm against criminal charges by the TX AG’s office, TX Rangers and TxDPS concerning non-compliance with regulatory investigative requirements for U.S. consulting firms, resulting in a dismissal of all allegations, charges and enforcement matters, State of Texas v Navigant.

Represented 7-Eleven as a corporate victim that resulted in the successful prosecution by the State of Florida Attorney’s General Office against fraudulent franchisees and the return of millions of dollars in stolen proceeds, State of Florida v Bailey, et. al.

Represented FedEx/Kinko’s as a victim corporation against ring of Chinese hackers; led and coordinated investigative efforts with the U.S. Attorney’s Office SDNY that successful resulted in the criminal prosecution of hacker mastermind, US v Ju Ju Jiang (SDNY).

Defended largest corporate retail chain investigated by the DOJ and the U.S. Attorney’s Office for the EDNY as part of an alleged corporate conspiracy to employ, harbor, smuggle and traffic undocumented workers. Case successfully resulted in no criminal charges (EDNY).

Whistleblower action under the False Claims Act seeking more than $4.5 billion in damages. Case settled for less than 0.05 percent of the damages sought by the Government, U.S. v. ResCare, Inc. (NDTX).

Represented home-health care agency on allegations of federal False Claims Act (FCA) violations in a whistleblower action. Conducted internal investigation, responded to document requests and presented witnesses to government for interviews. Convinced government to decline intervention and obtained dismissal of suit, U.S. v. Louisiana HomeHealth (WDLA).

Data Life Cycle Counseling – Data Privacy, Cybersecurity, AdTech, Marketing, IoT, AI, & eCommerce Matters:

Advised clients on FTC, OCR, SEC and state Attorney General (including multistate taskforce) investigations and enforcement actions for alleged data security and privacy violations.

Advised and counseled clients on managing FTC Consent Orders and CIDs in connection with data security incidents.

Advised and counseled major health care providers and health plans on all aspects of HITECH security breaches, including HHS OCR and state enforcement.

Advised and counseled numerous major retailers, financial institutions, and other companies on proactive cybersecurity readiness, including developing and conducting full-scale tabletop (Executive Mock Data Breach) exercises for C-suite executives and Boards of Directors.

Counseled numerous technology companies (both as publishers and advertisers) on data collection and sharing issues (including online behavioral advertising and Big Data initiatives), collection and use of geolocation data and EU-US cross border data transfers.

Counseled major retail and consumer goods companies on privacy issues associated with the use of radio frequency identification (RFID) and data collection from mobile devices.

Advised multiple clients on privacy, monitoring and surveillance issues under federal, state, and international laws and prepared related customer policies and operational procedures for data sharing and monetization.

Conducted comprehensive privacy and information security policy assessments of major U.S. gaming, retail, entertainment, hospitality and consumer goods companies, including extensive data flow mapping, implementation of multiple privacy policies, information governance, security and records management procedures.

Developed and implemented comprehensive global records management program for one of world’s largest technology outsourced consultancy firms, including preparation and implementation of data security and privacy standards and procedures, numerous records retention schedules.

• Outstanding Prosecutor Award, US Department of Justice
• Outstanding Prosecutor Award, Federal Bureau of Investigation
• Outstanding Prosecutor Award, US Department of Homeland Security
• Top 40 Lawyers in America (Intellectual Property Litigation), National Law Journal
• Super Lawyer, Super Lawyers Magazine (2003-2022)
• Go-to Texas Lawyer for Technology, Texas Lawyer
• Business Defender of the Year, Dallas Business Journal
• Outstanding IP Litigator, D Magazine
• Pro Bono Lawyer of the Year, Dallas Bar Association
• FBI Special Recognition Award
• Texas Attorney General’s Special Recognition Award