• Home
  • Latest
  • Case Study – Incident response for an acquired website and staff

Case Study – Incident response for an acquired website and staff

Posted on 23 November 2020

Our client had acquired a complementary web-based business which had been running without significant maintenance for a year when unusual events were noted in their log files; these led to some security issues being discovered, and MDR Cyber were brought in to contain the incident, work with the Data Protection team to determine if notifications were needed, and then assist with root cause analysis and remediation.

Working with the client technical team and also undertaking a level of hands-on systems reviews, our consultants were able to firmly identify the data potentially exposed and confirm that there was no evidence that the data had been accessed by unauthorised parties. Controls were put in place to contain the potential incident and prevent a reoccurrence. A broader security review was suggested but declined by the client.

Approximately one month later, the client noted potential security issues within different systems, and brought in MDR Cyber to assess the data access in question, working to determine again whether unauthorised access to data had occurred, and more importantly to determine if the owners of the acquired web-based business had been working with malicious insiders to share client data for a competing service that was being established.

Our clients reviewed the data access controls in place, assessed the settings and logs of a number of online sharing services, and reviewed all available email logs to assess whether there was evidence of any unauthorised activity. Our consultants found that there was no activity of data sharing, but clear signs of other activities which were raised to the client to handle via appropriate means. The client was left with a clear understanding of their data notification obligations, and a view of the potential activities being undertaken by members of their staff. 

How can we help you?

How can we help you?

Subscribe: I'd like to keep in touch

If your enquiry is urgent please call +44 20 3321 7000

COVID-19 Enquiry

Please enter your first name
Please enter your last name
Please enter your enquiry
Please enter your email address
Please enter your phone number
Please select a contact method

I'm a client

Please enter your first name
Please enter your last name
Please enter your enquiry
Please enter an email address
Please enter your phone number
Please enter a value

I'm looking for advice

Please enter your first name
Please enter your last name
Please enter your enquiry
Please select a department
Please enter your email address
Please enter your phone number
Please select a contact method

Something else

Please enter your first name
Please enter your last name
Please enter your enquiry
Please enter your email address
Please enter your phone number
Please select your contact method of choice