Mishcon de Reya page structure
Site header
Menu
Main content section

Cyber Risk and Complex Investigations

Case studies

Our work

We are proud of the work we do for our clients. We believe in challenging the conventional or accepted ways of working. We like to solve problems quickly. We fiercely guard our clients’ interests and take bold action.

Whether it is using new techniques to find hidden data, orchestrating the takedown of a cyber attacker’s infrastructure or helping a client better protect themselves, we apply new thinking to everything we do. We are unique in looking into both the legal and non-legal worlds for tools to solve our clients' cyber issues.

These short examples highlight both our capabilities and provide a view of the kinds of engagements clients rely on us for.

Post-Incident Review after Nation-State Attack

A large international client had suffered a major nation-state attack as they went through an M&A process. ​The attack was managed internally, however the client wanted to ensure that the experience of the incident was not wasted...
a low angle view of a tall building

Confidential Data Theft for an International Manufacturer

Our client suspected a large data theft had occurred when an employee left the business and set up in competition. They began to lose contracts and could not understand how else the competitor knew to undercut them...

Nation State attack on M&A

A client contacted us as they had an ongoing incident where internal e-mails were being forwarded to a third party...

Recovery of Funds

A client had been notified that a multi-million pound sum had not reached its intended recipient as part of a large transaction. The client had discovered unusual e-mails and were unsure as to what to do next...

Retained Incident Response

A FTSE 100 retailer needed ongoing support for their incident management process. They had a small security operations team who were struggling to stay on top of incident volumes and deal with the incident complexity being encountered...
red waves

Locating an alleged fraudster

Our client wanted to locate someone (“the subject”) who had allegedly defrauded their family, abused their child, and then fled abroad...
abstract dark structure

Large Risk Cyber Insurance Review

An international insurer was looking to underwrite a large cyber risk, using a non-standard policy. The insured company was owned by a single family and had both information technology as well as operational technology assets...

Cryptocurrency Sponsorship Due-diligence

Our client was a sports management company who promotes, broadcasts and sponsors live events. ​They were approached by a cryptocurrency “initial coin offering” (ICO) who wanted to sponsor their events, offering a significant commercial deal...

Private Island Due-Diligence

Our client operated a private Caribbean island with properties for sale and rent. They wanted to ensure that potential investors had legitimate sources of wealth to meet local legislation and regulation...

Illegal Streaming Investigations

Our client’s broadcasting content was being stolen without a license and distributed to other viewers through an “IPTV” service. This was diverting significant funds from our client and encouraging viewers away from their services...

Cloud Security Review

Our client had suffered a business e-mail compromise that highlighted risks in their overall cloud security. The organisation was rapidly embracing cloud services including Office365, Azure and other third parties...

Video Conferencing Security

The COVID-19 crisis has turned businesses ‘inside out’. The resistance to widespread use of video conferencing disappeared overnight...

Incident response for attempted fraud

Our client experienced a business email compromise and was alerted of this incident when the client’s cornerstone customer queried a fake invoice which had been created and sent by attackers to the customer using our client’s email account...
Steps with a blue light border

International data transfer regulations

Our client was commencing an internal programme to centralise data from a number of international offices, and needed guidance on any jurisdictional regulations that might either prevent the transfer of data beyond jurisdictional boundaries or mandate specific controls that the client would need to implement...

Frauds perpetrated using depreciated systems

Our client had recently become aware of several payments for their services being passed to bank account details that were not theirs, apparently in response to emails from the client to their customers...

Incident response for an acquired website and staff

Our client had acquired a complementary web-based business which had been running without significant maintenance for a year when unusual events were noted in their log files...
abstract tunnel silver and gold

Sector-specific data protection guidance

Our client was engaging with a newly acquired business office in a jurisdiction known for its keen regulation of data protection in certain sectors...

Subscribe to our mailings

Keep up to date with news, publications and briefings

Subscribe
How can we help you?
Help

How can we help you?

Subscribe: I'd like to keep in touch

If your enquiry is urgent please call +44 20 3321 7000

Crisis Hotline

I'm a client

I'm looking for advice

Something else