Case Study
Our commitment to excellence and use of cutting-edge technology ensures that we deliver reliable and admissible evidence for legal proceedings. Explore our case studies to learn more about how we help our clients uncover the truth.
With over 12 years of experience, our team has tackled a wide range of cases, including:
- Cybercrime Investigations: Uncovering and analysing digital evidence to solve complex cybercrimes.
- Intellectual Property Theft: Identifying and recovering stolen intellectual property to protect our clients’ assets.
- Data Breach Analysis: Investigating data breaches to determine the source and extent of the compromise.
Case Study 1: Conflict of Interest
A large corporation suspected that the procurement manager and a senior staff member had a direct controlling interest in a third-party vendor supplying products to the company. Given the procurement manager’s responsibility for both vetting and approving vendors, he was able to manipulate product prices. This undisclosed conflict of interest was a significant concern for the company.
Due to the employee’s long tenure of over 10 years and substantial salary, terminating his employment would typically entitle him to a considerable severance package. Consequently, the forensic team was engaged to conduct a comprehensive forensic data collection and examination of various electronic devices.
The analysis of emails, documents, and chat messages provided clear evidence that the employee controlled the vendor company. Based on this evidence, the company was able to terminate the employee without incurring a large severance payout. Additionally, the company successfully negotiated a substantial compensation payment from the former employee, demonstrating the cost-saving potential of digital forensic services.
Case Study 2: Unauthorised Access to Data
This case pertains to unauthorised access to a computer system and subsequent data destruction. Our forensic team was contacted by a client who discovered that a former employee had accessed the company’s Google Cloud storage using his previous user account after his departure. The company identified that numerous critical files had been deleted from the cloud storage.
Upon examining the log files associated with the cloud storage, it was revealed that the storage had been accessed multiple times without authorization from various devices after the employee had left the company. Additionally, it was found that critical data had been downloaded by the user before being deleted from the cloud.
A thorough forensic examination was conducted, and evidence along with forensic reports were prepared to support legal action. As the case was approaching court proceedings, the defendant agreed to settle the matter out of court by compensating our client, thereby avoiding a lengthy and costly trial.
Case Study 3: Business Email Compromise
This case involves the compromise of a business email system. A Thai company sought our forensic team’s assistance to determine whether their email system or that of their US vendor had been compromised.
Our client was scheduled to pay a substantial invoice issued by their US vendor for products provided. Before making the payment, they received a fraudulent email that appeared to originate from the US vendor, requesting the funds be transferred to a different bank account. Trusting the email, our client complied and made the payment. Subsequently, the vendor contacted our client, claiming they had not received the payment. This led to mutual accusations of email system compromise, resulting in the funds being transferred to an unauthorized account.
Our forensic team conducted a thorough analysis of the email chain. The investigation revealed that an individual had accessed one of the US vendor’s email accounts using legitimate login credentials from Nigeria. This individual sent the fraudulent email requesting the payment to the alternate bank account. Following this, the fraudster created a fake email account closely resembling the US vendor’s domain and continued to communicate with our client in Thailand, successfully deceiving them into transferring the funds to the fraudster’s account.
The forensic examination conclusively demonstrated that the compromise occurred due to the US vendor’s employee’s email account being accessed with stolen login credentials.