20 years in San Diego | Accounting Database & Network
Access Issue | Data Loss Forensics
This is a true story but the names have been changed in order to respect the privacy of the victim.
XYZ was a medical office providing medical services to clients in San Diego for over 20 years. After the sudden death of the CEO, the company hired a replacement, Dr. Smith who was asked to come in and take over the responsibilities of the CEO. Upon reviewing tax reports,
Dr. Smith was intrigued by the lack of funds in the bank accounts and decided that she should figure out why the company seemed to have no money. It was a Friday afternoon, and Dr. Smith attempted to log in to the company's accounting database. The company's network appeared to be down because the system would not allow her to log-on. She went into her accountant's office and found out that the company's accountant had not shown up for work that day. She then tried to reach the data from his computer.
Dr. Smith began seeing error messages stating that data was no longer available or missing, and she was unable to get any further. To no avail, Dr. Smith spent the weekend calling around trying to locate the missing accountant. When Monday arrived and they were still without an accountant, or any accounting data, she called BrenTech for help. When our software engineer showed up, he quickly determined that the passwords for the accounting system had been changed.
− Security begins at the Employee Access Level with credentials to protect compnay data.
− Deployment of mandaorty security measures integrating Data Loss Prevention filtering must be established.
− Banking access intrests should always be scrutinized.
Our engineer was able to break into the accounting software and discovered that all of the accounting data had been deleted. Our engineering team was able to find the deleted files and recover all of the data. BrenTech's computer forensics team went to work and discovered that the accountant fraudulently logged large amounts of money into the accounting program.
Working with law enforcement officials, BrenTech's computer forensic team was able to provide Dr. Smith with enough evidence to prosecute the missing accountant who apparently embezzled almost $100K before disappearing.