Forensic-Pathways was instructed to investigate a confirmed incident of data loss concerning thousands of confidential and sensitive records from a household-name insurance company in the UK. The investigation included an initial examination of the event leading to the security breach, its extent, and identified willingly and unwillingly involved members of staff. The covert and overt investigation measures employed on the case included:
- A forensic assessment of the extent of the data loss,
- A thorough investigation into unauthorised access and security breaches (USB memory sticks, unauthorised email use, spyware etc.), and
- Interviews with suspects and witnesses.
Forensic Pathways’ final report included a comprehensive narrative, identified the extent of the breach, an identification of suspected members of staff and analysis of security breach that aided the facilitation of the data loss. The Board of Directors subsequently invited Forensic-Pathways to perform a stress test and an audit on new data protection systems and a appropriate protocol was adopted in response to the breach.