We were retained to investigate accusations that a special education teacher had been browsing the internet for adult content, including suspected child pornography. The school’s web traffic monitoring software had flagged a site the teacher had visited. Given the severity of the accusations, the school executives wanted to verify with certainty that the allegations were accurate.
Case Study
Inside Job
The Situation
Our client, an industry-leading manufacturer of fuel cells, was involved in a large lawsuit related to the termination of an employee. The client believed an accomplice in IT, who had previously received advanced technical training in the military, was helping the ex-employee steal data from the company.
The Challenge
Confidential information only known to certain senior executives had inexplicably appeared in communications from opposing counsel, leading the client to suspect their network had been compromised. The CEO had emailed the leaked data internally, suggesting that the company email system had been one target of the suspected breach.
The Solution
Our Incident Response team analyzed the client’s file and mail servers and several months of activity logs. We discovered that an outside user had made multiple attempts to access data on each server. This user had successfully accessed one of the file servers and the mail server, using credentials that we determined had been created by the IT accomplice. These credentials were used for access after this IT employee had been terminated. Furthermore, the same IP address had accessed the CEO’s email account over a period of six months.
The Outcome
After discovering the unauthorized access to the client’s file server and the CEO’s email account, we assisted the client in securing the vulnerabilities in their network. Due to the sensitivity of the client’s products, the data and our report were delivered to Homeland Security and other law enforcement agencies for further investigation.
Key Success
Rapidly determined the method, intent, and suspected perpetrator of the network breach.
We are a leading provider of computer forensics and e-discovery services for businesses and law firms nationwide. We don’t take chances with your data when litigation is a possibility, and proper handling is critical.
Related Case Studies
Digital Theft of IP
Our client was a corporation investigating suspected theft of intellectual property by a former employee. The employee had left for a competitor, allegedly taking proprietary customer and technical data with him. The client suspected the defendant had attempted to cover his tracks by wiping his computer. The case ultimately involved multiple computers, external media, and mobile devices.the crime.