{"id":2560,"date":"2021-12-03T11:39:16","date_gmt":"2021-12-03T17:39:16","guid":{"rendered":"https:\/\/staging2.idsinc.com\/case-studies\/maintaining-electronically-stored-information-copy\/"},"modified":"2022-12-07T14:11:15","modified_gmt":"2022-12-07T20:11:15","slug":"suspected-data-breach","status":"publish","type":"page","link":"https:\/\/idsinc.com\/en_gb\/case-studies\/suspected-data-breach\/","title":{"rendered":"Suspected Data Breach – Determining What Data Was Accessed to Decide Whether Reporting Was Necessary"},"content":{"rendered":"\n
\n
\n
\n
\n \n
\n
\n \"Suspected \n <\/div>\n \n \n <\/div>\n <\/div>\n <\/div>\n <\/div>\n
\n
\n
\n \n
\n

\n \n CHALLENGE <\/span>\n\n \n \n <\/span>\n <\/h1>\n<\/div>\n\n\n
\n
\n
\n
\n
\n
iDS\u2019s client believed that they might have been the victim of a data breach.<\/h5>\n

In a suspected data breach, the client needed to understand what reporting obligation, if any, they may have. Working with their outside counsel, we were asked to provide opinions on the compromise of systems, if any, and what data had been accessed.<\/p>\n

First and foremost, our client needed to determine if there had, in fact, been a data breach. That required an opinion on the compromise of systems and a determination regarding the accessing of data. Specifically, the client relied on our expertise for the following:<\/p>\n

    \n
  • Understanding and identifying the system of records for obtaining the necessary systems, data, and logs for review<\/li>\n
  • Determining how encryption may have played a role in the protection of data<\/li>\n
  • Understanding, explaining, and analyzing the various ways to exfiltrate data<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div> <\/div>\n<\/div>\n\n
    \n

    \n \n Solution <\/span>\n\n \n \n <\/span>\n <\/h1>\n<\/div>\n\n\n
    \n
    \n
    \n
    \n
    \n
    Our Forensic Team analyzed computers, intrusion detection logs, router logs, and other system related logs in an effort to determine if a breach occurred.<\/h5>\n

    The iDS Forensics and Investigative Team performed their analysis and reported on the following:<\/p>\n

      \n
    • The intruder had very limited access to the affected systems(s)<\/li>\n
    • The activity had been identified within a few hours of entry<\/li>\n
    • No actual data had been exfiltrated<\/li>\n
    • In terms of \u201caccess,\u201d the areas visited by the intruder were encrypted<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div> <\/div>\n<\/div>\n\n
      \n

      \n \n Result <\/span>\n\n \n \n <\/span>\n <\/h1>\n<\/div>\n\n\n
      \n
      \n
      \n
      \n
      \n
      iDS was able to show that while unauthorized access to the network had occurred, no exfiltration had occurred and no viewable data have been accessed.\u00a0<\/h5>\n

      Our client was confident that while there had been unauthorized network access, no exfiltration occurred and no viewable data was accessed. Accordingly, it was determined by outside counsel that limited to no reporting was required.<\/p>\n<\/div>\n<\/div>\n<\/div> <\/div>\n<\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n","protected":false},"excerpt":{"rendered":"

      iDS\u2019s client believed that they might have been the victim of a data breach. In a suspected data breach, the client needed to understand what reporting obligation, if any, they may have. Working with their outside counsel, we were asked to provide opinions on the compromise of systems, if any, and what data had been […]<\/p>\n","protected":false},"author":7,"featured_media":2490,"parent":33,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"team":[],"class_list":["post-2560","page","type-page","status-publish","has-post-thumbnail","hentry","has-post-title","has-post-date","has-post-category","has-post-tag","has-post-comment","has-post-author",""],"yoast_head":"\nSuspected Data Breach - iDiscovery Solutions<\/title>\n<meta name=\"description\" content=\"After a Suspected Data Breach, iDiscovery Solutions Determined What Data Was Accessed to Decide Whether Reporting Was Necessary.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/idsinc.com\/en_gb\/case-studies\/suspected-data-breach\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Suspected Data Breach - Determining What Data Was Accessed to Decide Whether Reporting Was Necessary\" \/>\n<meta property=\"og:description\" content=\"After a Suspected Data Breach, iDiscovery Solutions Determined What Data Was Accessed to Decide Whether Reporting Was Necessary.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/idsinc.com\/en_gb\/case-studies\/suspected-data-breach\/\" \/>\n<meta property=\"og:site_name\" content=\"iDiscovery Solutions\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/iDiscovery-Solutions-110210573904472\" \/>\n<meta property=\"article:modified_time\" content=\"2022-12-07T20:11:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2500\" \/>\n\t<meta property=\"og:image:height\" content=\"1250\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/\",\"url\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/\",\"name\":\"Suspected Data Breach - iDiscovery Solutions\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/idsinc.com\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg\",\"datePublished\":\"2021-12-03T17:39:16+00:00\",\"dateModified\":\"2022-12-07T20:11:15+00:00\",\"description\":\"After a Suspected Data Breach, iDiscovery Solutions Determined What Data Was Accessed to Decide Whether Reporting Was Necessary.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/#primaryimage\",\"url\":\"https:\\\/\\\/idsinc.com\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg\",\"contentUrl\":\"https:\\\/\\\/idsinc.com\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg\",\"width\":2500,\"height\":1250},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/idsinc.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Case Studies\",\"item\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Suspected Data Breach – Determining What Data Was Accessed to Decide Whether Reporting Was Necessary\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#website\",\"url\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/\",\"name\":\"iDiscovery Solutions\",\"description\":\"Use data to your advantage in the courtroom\",\"publisher\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#organization\"},\"alternateName\":\"iDS\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#organization\",\"name\":\"iDiscovery Solutions\",\"alternateName\":\"iDS\",\"url\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/idsinc.com\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/iDS-Logo-3c-e1611176096212.png\",\"contentUrl\":\"https:\\\/\\\/idsinc.com\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/iDS-Logo-3c-e1611176096212.png\",\"width\":100,\"height\":73,\"caption\":\"iDiscovery Solutions\"},\"image\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/iDiscovery-Solutions-110210573904472\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/idsinc\",\"https:\\\/\\\/www.youtube.com\\\/channel\\\/UCarv7o1MeYfCp0eZ1IrufIw\"],\"description\":\"iDS provides consultative data solutions to corporations and law firms around the world, giving them a decisive advantage \u2013 both in and out of the courtroom. iDS\u2019s subject matter experts and data strategists specialize in finding solutions to complex data problems, ensuring data can be leveraged as an asset, not a liability.\",\"email\":\"info@idsinc.com\",\"telephone\":\"+1.800.813.4832\",\"legalName\":\"iDiscovery Solutions\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Suspected Data Breach - iDiscovery Solutions","description":"After a Suspected Data Breach, iDiscovery Solutions Determined What Data Was Accessed to Decide Whether Reporting Was Necessary.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/idsinc.com\/en_gb\/case-studies\/suspected-data-breach\/","og_locale":"en_GB","og_type":"article","og_title":"Suspected Data Breach - Determining What Data Was Accessed to Decide Whether Reporting Was Necessary","og_description":"After a Suspected Data Breach, iDiscovery Solutions Determined What Data Was Accessed to Decide Whether Reporting Was Necessary.","og_url":"https:\/\/idsinc.com\/en_gb\/case-studies\/suspected-data-breach\/","og_site_name":"iDiscovery Solutions","article_publisher":"https:\/\/www.facebook.com\/iDiscovery-Solutions-110210573904472","article_modified_time":"2022-12-07T20:11:15+00:00","og_image":[{"width":2500,"height":1250,"url":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/","url":"https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/","name":"Suspected Data Breach - iDiscovery Solutions","isPartOf":{"@id":"https:\/\/idsinc.com\/en_gb\/#website"},"primaryImageOfPage":{"@id":"https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/#primaryimage"},"image":{"@id":"https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/#primaryimage"},"thumbnailUrl":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg","datePublished":"2021-12-03T17:39:16+00:00","dateModified":"2022-12-07T20:11:15+00:00","description":"After a Suspected Data Breach, iDiscovery Solutions Determined What Data Was Accessed to Decide Whether Reporting Was Necessary.","breadcrumb":{"@id":"https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/#primaryimage","url":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg","contentUrl":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg","width":2500,"height":1250},{"@type":"BreadcrumbList","@id":"https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/idsinc.com\/"},{"@type":"ListItem","position":2,"name":"Case Studies","item":"https:\/\/idsinc.com\/case-studies\/"},{"@type":"ListItem","position":3,"name":"Suspected Data Breach – Determining What Data Was Accessed to Decide Whether Reporting Was Necessary"}]},{"@type":"WebSite","@id":"https:\/\/idsinc.com\/en_gb\/#website","url":"https:\/\/idsinc.com\/en_gb\/","name":"iDiscovery Solutions","description":"Use data to your advantage in the courtroom","publisher":{"@id":"https:\/\/idsinc.com\/en_gb\/#organization"},"alternateName":"iDS","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/idsinc.com\/en_gb\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/idsinc.com\/en_gb\/#organization","name":"iDiscovery Solutions","alternateName":"iDS","url":"https:\/\/idsinc.com\/en_gb\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/idsinc.com\/en_gb\/#\/schema\/logo\/image\/","url":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/01\/iDS-Logo-3c-e1611176096212.png","contentUrl":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/01\/iDS-Logo-3c-e1611176096212.png","width":100,"height":73,"caption":"iDiscovery Solutions"},"image":{"@id":"https:\/\/idsinc.com\/en_gb\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/iDiscovery-Solutions-110210573904472","https:\/\/www.linkedin.com\/company\/idsinc","https:\/\/www.youtube.com\/channel\/UCarv7o1MeYfCp0eZ1IrufIw"],"description":"iDS provides consultative data solutions to corporations and law firms around the world, giving them a decisive advantage \u2013 both in and out of the courtroom. iDS\u2019s subject matter experts and data strategists specialize in finding solutions to complex data problems, ensuring data can be leveraged as an asset, not a liability.","email":"info@idsinc.com","telephone":"+1.800.813.4832","legalName":"iDiscovery Solutions"}]}},"builder_content":"\n<h1>CHALLENGE<br\/><\/h1>\n<h5>iDS\u2019s client believed that they might have been the victim of a data breach.<\/h5> <p>In a suspected data breach, the client needed to understand what reporting obligation, if any, they may have. Working with their outside counsel, we were asked to provide opinions on the compromise of systems, if any, and what data had been accessed.<\/p> <p>First and foremost, our client needed to determine if there had, in fact, been a data breach. That required an opinion on the compromise of systems and a determination regarding the accessing of data. Specifically, the client relied on our expertise for the following:<\/p> <ul> <li>Understanding and identifying the system of records for obtaining the necessary systems, data, and logs for review<\/li> <li>Determining how encryption may have played a role in the protection of data<\/li> <li>Understanding, explaining, and analyzing the various ways to exfiltrate data<\/li> <\/ul>\n<h1>Solution<br\/><\/h1>\n<h5>Our Forensic Team analyzed computers, intrusion detection logs, router logs, and other system related logs in an effort to determine if a breach occurred.<\/h5> <p>The iDS Forensics and Investigative Team performed their analysis and reported on the following:<\/p> <ul> <li>The intruder had very limited access to the affected systems(s)<\/li> <li>The activity had been identified within a few hours of entry<\/li> <li>No actual data had been exfiltrated<\/li> <li>In terms of \u201caccess,\u201d the areas visited by the intruder were encrypted<\/li> <\/ul>\n<h1>Result<br\/><\/h1>\n<h5>iDS was able to show that while unauthorized access to the network had occurred, no exfiltration had occurred and no viewable data have been accessed.\u00a0<\/h5> <p>Our client was confident that while there had been unauthorized network access, no exfiltration occurred and no viewable data was accessed. Accordingly, it was determined by outside counsel that limited to no reporting was required.<\/p>","_links":{"self":[{"href":"https:\/\/idsinc.com\/en_gb\/wp-json\/wp\/v2\/pages\/2560","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/idsinc.com\/en_gb\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/idsinc.com\/en_gb\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/idsinc.com\/en_gb\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/idsinc.com\/en_gb\/wp-json\/wp\/v2\/comments?post=2560"}],"version-history":[{"count":0,"href":"https:\/\/idsinc.com\/en_gb\/wp-json\/wp\/v2\/pages\/2560\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/idsinc.com\/en_gb\/wp-json\/wp\/v2\/pages\/33"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/idsinc.com\/en_gb\/wp-json\/wp\/v2\/media\/2490"}],"wp:attachment":[{"href":"https:\/\/idsinc.com\/en_gb\/wp-json\/wp\/v2\/media?parent=2560"}],"wp:term":[{"taxonomy":"team","embeddable":true,"href":"https:\/\/idsinc.com\/en_gb\/wp-json\/wp\/v2\/team?post=2560"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}