{"id":2560,"date":"2021-12-03T11:39:16","date_gmt":"2021-12-03T17:39:16","guid":{"rendered":"https:\/\/staging2.idsinc.com\/case-studies\/maintaining-electronically-stored-information-copy\/"},"modified":"2022-12-07T14:11:15","modified_gmt":"2022-12-07T20:11:15","slug":"suspicion-de-violation-de-donnees","status":"publish","type":"page","link":"https:\/\/idsinc.com\/fr\/case-studies\/suspected-data-breach\/","title":{"rendered":"Violation de donn\u00e9es suspect\u00e9e - D\u00e9terminer quelles donn\u00e9es ont \u00e9t\u00e9 consult\u00e9es pour d\u00e9cider si un signalement \u00e9tait n\u00e9cessaire"},"content":{"rendered":"\n
\n
\n
\n
\n \n
\n
\n \"Violation \n <\/div>\n \n \n <\/div>\n <\/div>\n <\/div>\n <\/div>\n
\n
\n
\n \n
\n

\n \n D\u00c9FI <\/span>\n\n \n \n <\/span>\n <\/h1>\n<\/div>\n\n\n
\n
\n
\n
\n
\n
Le client d'iDS pensait avoir \u00e9t\u00e9 victime d'une violation de donn\u00e9es.<\/h5>\n

En cas de suspicion de violation de donn\u00e9es, le client devait comprendre quelle obligation de signalement, le cas \u00e9ch\u00e9ant, il pourrait avoir. En collaboration avec leur avocat externe, nous avons \u00e9t\u00e9 invit\u00e9s \u00e0 fournir des avis sur la compromission des syst\u00e8mes, le cas \u00e9ch\u00e9ant, et sur les donn\u00e9es consult\u00e9es.<\/p>\n

Avant tout, notre client devait d\u00e9terminer s'il y avait effectivement eu une violation de donn\u00e9es. Cela n\u00e9cessitait un avis sur la compromission des syst\u00e8mes et une d\u00e9termination quant \u00e0 l'acc\u00e8s aux donn\u00e9es. Plus pr\u00e9cis\u00e9ment, le client s'est appuy\u00e9 sur notre expertise pour ce qui suit :<\/p>\n

    \n
  • Comprendre et identifier le syst\u00e8me d'enregistrements pour obtenir les syst\u00e8mes, les donn\u00e9es et les journaux n\u00e9cessaires \u00e0 l'examen<\/li>\n
  • D\u00e9terminer comment le chiffrement peut avoir jou\u00e9 un r\u00f4le dans la protection des donn\u00e9es<\/li>\n
  • Comprendre, expliquer et analyser les diff\u00e9rentes mani\u00e8res d'exfiltrer les donn\u00e9es<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div> <\/div>\n<\/div>\n\n
    \n

    \n \n Solution <\/span>\n\n \n \n <\/span>\n <\/h1>\n<\/div>\n\n\n
    \n
    \n
    \n
    \n
    \n
    Notre \u00e9quipe m\u00e9dico-l\u00e9gale a analys\u00e9 les ordinateurs, les journaux de d\u00e9tection d'intrusion, les journaux de routeur et d'autres journaux li\u00e9s au syst\u00e8me dans le but de d\u00e9terminer si une violation s'est produite.<\/h5>\n

    L'\u00e9quipe iDS Forensics and Investigative a effectu\u00e9 son analyse et a rendu compte des \u00e9l\u00e9ments suivants\u00a0:<\/p>\n

      \n
    • L'intrus avait un acc\u00e8s tr\u00e8s limit\u00e9 au(x) syst\u00e8me(s) affect\u00e9(s)<\/li>\n
    • L'activit\u00e9 avait \u00e9t\u00e9 identifi\u00e9e quelques heures apr\u00e8s l'entr\u00e9e<\/li>\n
    • Aucune donn\u00e9e r\u00e9elle n'a \u00e9t\u00e9 exfiltr\u00e9e<\/li>\n
    • En termes d'"acc\u00e8s", les zones visit\u00e9es par l'intrus \u00e9taient crypt\u00e9es<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div> <\/div>\n<\/div>\n\n
      \n

      \n \n R\u00e9sultat <\/span>\n\n \n \n <\/span>\n <\/h1>\n<\/div>\n\n\n
      \n
      \n
      \n
      \n
      \n
      iDS a pu montrer que m\u00eame si un acc\u00e8s non autoris\u00e9 au r\u00e9seau s'\u00e9tait produit, aucune exfiltration ne s'\u00e9tait produite et aucune donn\u00e9e visible n'avait \u00e9t\u00e9 consult\u00e9e.\u00a0<\/h5>\n

      Notre client \u00e9tait convaincu que m\u00eame s'il y avait eu un acc\u00e8s non autoris\u00e9 au r\u00e9seau, aucune exfiltration ne s'\u00e9tait produite et aucune donn\u00e9e visible n'avait \u00e9t\u00e9 consult\u00e9e. En cons\u00e9quence, il a \u00e9t\u00e9 d\u00e9termin\u00e9 par un avocat externe qu'il n'\u00e9tait pas n\u00e9cessaire de faire rapport, voire aucun.<\/p>\n<\/div>\n<\/div>\n<\/div> <\/div>\n<\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n","protected":false},"excerpt":{"rendered":"

      iDS\u2019s client believed that they might have been the victim of a data breach. In a suspected data breach, the client needed to understand what reporting obligation, if any, they may have. Working with their outside counsel, we were asked to provide opinions on the compromise of systems, if any, and what data had been […]<\/p>\n","protected":false},"author":7,"featured_media":2490,"parent":33,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"team":[],"class_list":["post-2560","page","type-page","status-publish","has-post-thumbnail","hentry","has-post-title","has-post-date","has-post-category","has-post-tag","has-post-comment","has-post-author",""],"yoast_head":"\nSuspected Data Breach - iDiscovery Solutions<\/title>\n<meta name=\"description\" content=\"After a Suspected Data Breach, iDiscovery Solutions Determined What Data Was Accessed to Decide Whether Reporting Was Necessary.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/idsinc.com\/fr\/etudes-de-cas\/suspicion-de-violation-de-donnees\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Suspected Data Breach - Determining What Data Was Accessed to Decide Whether Reporting Was Necessary\" \/>\n<meta property=\"og:description\" content=\"After a Suspected Data Breach, iDiscovery Solutions Determined What Data Was Accessed to Decide Whether Reporting Was Necessary.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/idsinc.com\/fr\/etudes-de-cas\/suspicion-de-violation-de-donnees\/\" \/>\n<meta property=\"og:site_name\" content=\"iDiscovery Solutions\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/iDiscovery-Solutions-110210573904472\" \/>\n<meta property=\"article:modified_time\" content=\"2022-12-07T20:11:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2500\" \/>\n\t<meta property=\"og:image:height\" content=\"1250\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/\",\"url\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/\",\"name\":\"Suspected Data Breach - iDiscovery Solutions\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/idsinc.com\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg\",\"datePublished\":\"2021-12-03T17:39:16+00:00\",\"dateModified\":\"2022-12-07T20:11:15+00:00\",\"description\":\"After a Suspected Data Breach, iDiscovery Solutions Determined What Data Was Accessed to Decide Whether Reporting Was Necessary.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/#primaryimage\",\"url\":\"https:\\\/\\\/idsinc.com\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg\",\"contentUrl\":\"https:\\\/\\\/idsinc.com\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg\",\"width\":2500,\"height\":1250},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/suspected-data-breach\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/idsinc.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Case Studies\",\"item\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Suspected Data Breach – Determining What Data Was Accessed to Decide Whether Reporting Was Necessary\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#website\",\"url\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/\",\"name\":\"iDiscovery Solutions\",\"description\":\"Use data to your advantage in the courtroom\",\"publisher\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#organization\"},\"alternateName\":\"iDS\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#organization\",\"name\":\"iDiscovery Solutions\",\"alternateName\":\"iDS\",\"url\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/idsinc.com\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/iDS-Logo-3c-e1611176096212.png\",\"contentUrl\":\"https:\\\/\\\/idsinc.com\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/iDS-Logo-3c-e1611176096212.png\",\"width\":100,\"height\":73,\"caption\":\"iDiscovery Solutions\"},\"image\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/iDiscovery-Solutions-110210573904472\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/idsinc\",\"https:\\\/\\\/www.youtube.com\\\/channel\\\/UCarv7o1MeYfCp0eZ1IrufIw\"],\"description\":\"iDS provides consultative data solutions to corporations and law firms around the world, giving them a decisive advantage \u2013 both in and out of the courtroom. iDS\u2019s subject matter experts and data strategists specialize in finding solutions to complex data problems, ensuring data can be leveraged as an asset, not a liability.\",\"email\":\"info@idsinc.com\",\"telephone\":\"+1.800.813.4832\",\"legalName\":\"iDiscovery Solutions\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Violation de donn\u00e9es suspect\u00e9e - iDiscovery Solutions","description":"Apr\u00e8s une violation de donn\u00e9es pr\u00e9sum\u00e9e, iDiscovery Solutions a d\u00e9termin\u00e9 quelles donn\u00e9es ont \u00e9t\u00e9 consult\u00e9es pour d\u00e9cider si un rapport \u00e9tait n\u00e9cessaire.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/idsinc.com\/fr\/etudes-de-cas\/suspicion-de-violation-de-donnees\/","og_locale":"fr_FR","og_type":"article","og_title":"Suspected Data Breach - Determining What Data Was Accessed to Decide Whether Reporting Was Necessary","og_description":"After a Suspected Data Breach, iDiscovery Solutions Determined What Data Was Accessed to Decide Whether Reporting Was Necessary.","og_url":"https:\/\/idsinc.com\/fr\/etudes-de-cas\/suspicion-de-violation-de-donnees\/","og_site_name":"iDiscovery Solutions","article_publisher":"https:\/\/www.facebook.com\/iDiscovery-Solutions-110210573904472","article_modified_time":"2022-12-07T20:11:15+00:00","og_image":[{"width":2500,"height":1250,"url":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/","url":"https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/","name":"Violation de donn\u00e9es suspect\u00e9e - iDiscovery Solutions","isPartOf":{"@id":"https:\/\/idsinc.com\/en_gb\/#website"},"primaryImageOfPage":{"@id":"https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/#primaryimage"},"image":{"@id":"https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/#primaryimage"},"thumbnailUrl":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg","datePublished":"2021-12-03T17:39:16+00:00","dateModified":"2022-12-07T20:11:15+00:00","description":"Apr\u00e8s une violation de donn\u00e9es pr\u00e9sum\u00e9e, iDiscovery Solutions a d\u00e9termin\u00e9 quelles donn\u00e9es ont \u00e9t\u00e9 consult\u00e9es pour d\u00e9cider si un rapport \u00e9tait n\u00e9cessaire.","breadcrumb":{"@id":"https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/#primaryimage","url":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg","contentUrl":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-202114-reportingwasnecessary.jpg","width":2500,"height":1250},{"@type":"BreadcrumbList","@id":"https:\/\/idsinc.com\/case-studies\/suspected-data-breach\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/idsinc.com\/"},{"@type":"ListItem","position":2,"name":"Case Studies","item":"https:\/\/idsinc.com\/case-studies\/"},{"@type":"ListItem","position":3,"name":"Suspected Data Breach – Determining What Data Was Accessed to Decide Whether Reporting Was Necessary"}]},{"@type":"WebSite","@id":"https:\/\/idsinc.com\/en_gb\/#website","url":"https:\/\/idsinc.com\/en_gb\/","name":"Solutions d'iD\u00e9couverte","description":"Utilisez les donn\u00e9es \u00e0 votre avantage dans la salle d\u2019audience","publisher":{"@id":"https:\/\/idsinc.com\/en_gb\/#organization"},"alternateName":"iDS","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/idsinc.com\/en_gb\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/idsinc.com\/en_gb\/#organization","name":"Solutions d'iD\u00e9couverte","alternateName":"iDS","url":"https:\/\/idsinc.com\/en_gb\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/idsinc.com\/en_gb\/#\/schema\/logo\/image\/","url":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/01\/iDS-Logo-3c-e1611176096212.png","contentUrl":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/01\/iDS-Logo-3c-e1611176096212.png","width":100,"height":73,"caption":"iDiscovery Solutions"},"image":{"@id":"https:\/\/idsinc.com\/en_gb\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/iDiscovery-Solutions-110210573904472","https:\/\/www.linkedin.com\/company\/idsinc","https:\/\/www.youtube.com\/channel\/UCarv7o1MeYfCp0eZ1IrufIw"],"description":"iDS fournit des solutions de donn\u00e9es consultatives aux entreprises et aux cabinets d'avocats du monde entier, leur donnant un avantage d\u00e9cisif, tant \u00e0 l'int\u00e9rieur qu'\u00e0 l'ext\u00e9rieur de la salle d'audience. Les experts en la mati\u00e8re et les strat\u00e8ges en donn\u00e9es d'iDS se sp\u00e9cialisent dans la recherche de solutions \u00e0 des probl\u00e8mes de donn\u00e9es complexes, garantissant que les donn\u00e9es peuvent \u00eatre exploit\u00e9es comme un atout et non comme un passif.","email":"info@idsinc.com","telephone":"+1.800.813.4832","legalName":"iDiscovery Solutions"}]}},"builder_content":"\n<h1>CHALLENGE<br\/><\/h1>\n<h5>iDS\u2019s client believed that they might have been the victim of a data breach.<\/h5> <p>In a suspected data breach, the client needed to understand what reporting obligation, if any, they may have. Working with their outside counsel, we were asked to provide opinions on the compromise of systems, if any, and what data had been accessed.<\/p> <p>First and foremost, our client needed to determine if there had, in fact, been a data breach. That required an opinion on the compromise of systems and a determination regarding the accessing of data. Specifically, the client relied on our expertise for the following:<\/p> <ul> <li>Understanding and identifying the system of records for obtaining the necessary systems, data, and logs for review<\/li> <li>Determining how encryption may have played a role in the protection of data<\/li> <li>Understanding, explaining, and analyzing the various ways to exfiltrate data<\/li> <\/ul>\n<h1>Solution<br\/><\/h1>\n<h5>Our Forensic Team analyzed computers, intrusion detection logs, router logs, and other system related logs in an effort to determine if a breach occurred.<\/h5> <p>The iDS Forensics and Investigative Team performed their analysis and reported on the following:<\/p> <ul> <li>The intruder had very limited access to the affected systems(s)<\/li> <li>The activity had been identified within a few hours of entry<\/li> <li>No actual data had been exfiltrated<\/li> <li>In terms of \u201caccess,\u201d the areas visited by the intruder were encrypted<\/li> <\/ul>\n<h1>Result<br\/><\/h1>\n<h5>iDS was able to show that while unauthorized access to the network had occurred, no exfiltration had occurred and no viewable data have been accessed.\u00a0<\/h5> <p>Our client was confident that while there had been unauthorized network access, no exfiltration occurred and no viewable data was accessed. Accordingly, it was determined by outside counsel that limited to no reporting was required.<\/p>","_links":{"self":[{"href":"https:\/\/idsinc.com\/fr\/wp-json\/wp\/v2\/pages\/2560","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/idsinc.com\/fr\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/idsinc.com\/fr\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/idsinc.com\/fr\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/idsinc.com\/fr\/wp-json\/wp\/v2\/comments?post=2560"}],"version-history":[{"count":0,"href":"https:\/\/idsinc.com\/fr\/wp-json\/wp\/v2\/pages\/2560\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/idsinc.com\/fr\/wp-json\/wp\/v2\/pages\/33"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/idsinc.com\/fr\/wp-json\/wp\/v2\/media\/2490"}],"wp:attachment":[{"href":"https:\/\/idsinc.com\/fr\/wp-json\/wp\/v2\/media?parent=2560"}],"wp:term":[{"taxonomy":"team","embeddable":true,"href":"https:\/\/idsinc.com\/fr\/wp-json\/wp\/v2\/team?post=2560"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}