Client: One of the world’s largest computer hardware manufacturers.
Situation:
An employee of the Client’s Moscow office, without notifying the security officer, installed a corporate network-attached storage (NAS) device at home and connected it to a static IP address. As a result, the NAS was subjected to multiple successful external attacks, leading to a leak of confidential information.
Our Solution:
CSI Group experts conducted a comprehensive forensic investigation of the incident:
Analyzed event and access logs.
Identified the dates, times, and user accounts used for unauthorized access.
Uploaded all available data from the NAS to the eDiscovery platform for further automated processing and classification based on confidentiality levels.
Reconstructed the scenario of unauthorized access and identified IP addresses from which the remote connections were made.
Evaluated the leaked data in terms of legally protected information: personal data, trade secrets of the company and its Clients, and other confidential content.
Result:
The detailed report prepared by CSI Group enabled the Client to avoid regulatory penalties and mitigate reputational damage.