Case StudiesResponding to a Data Subject Access Request (DSAR) UK-based Oil Service Provider Airbus International Not-for-Profit Organization European Bank Middle-East Telecommunications Company Multinational Oil and Gas Extraction Company Multinational Life Sciences Company Global Technical Consulting Firm International Event and Talent Management Company Deminor Recovery Services/Olympus Technip Rolls-Royce Bank Leumi Class-action Lawsuit challenging Solitary Confinement in US Prisons Nordic Telecommunications Company Multinational Insurance Firm Multinational Transport Engineering Company
FRA was asked to assist with an incident response for a potential breach of highly sensitive client data. We were advised that the breach was initiated from unknown sources, and asked to respond immediately due to the sensitive nature of the data at risk.
FRA responded immediately after being notified by the client of the breach. We assisted with the execution of the client’s incident response plan, and managed the identification and collection of pertinent log files and data. We also conducted triage and analysis of collected data on a rolling and ongoing basis. FRA assisted the client’s IT and Legal staff to provide real-time updates on the scope and scale of the breach.
FRA determined that one of the client’s former IT administrators had been able to access the company network through compromised credentials, despite having their access and privileges revoked upon termination. We determined that the former employee was able to traverse the client’s network and access servers containing email and other sensitive data.