A Chicago based company underwent huge financial losses after recurring Project tender losses to its rival company. This rival company which was recently established came up as a competitor threat. Product Manager came to know that some data of systems has been misappropriated. Company suspected that one amongst the former employees misused their computer systems and then delivered the secret databases and corporate information of Projects to other company based on same product-line. The investigation was supposed to be done for theft of trade secrets as Project data was leaked.
Investigators wanted to rely on a solution which can provide output in less time and hence reliable e-discovery tools were needed. FTK Imager and MailXaminer were used for the investigation. FTK Imager offers hard drive imaging for creating replicas of hard drives. MailXaminer being foremost software for forensics investigation offers an integrated set of multiple forensics utilities. The selection was made on the base of following capabilities of this tool;
Excellent Search options to try various keywords for figuring out the guilty
Various view options to trace the IP addresses of emails.
Exporting, bookmarking options to separate out analyzed and suspicious mails
Case creation, deletion, management, and collaboration facilities.
Acquisition & Analysis
Copies of needed hard drives media from the suspects systems were created on which the data analysis was supposed to be done.
It also covered the email files on which the investigation was supposed to be done.
Data recovery of the deleted and corrupted emails was done so as to go through all the emails of suspects
Case was studied in detail referencing to the evidences found
Soon some skeptical emails were traced which were further exported in presentable format.
These were exported and then preserved not letting them manipulated
Documentation was done on the artifacts collected which were converted to court-admissible format.
It was keenly preserved and taken care of not being altered in any way. It carried information of tools involved, analysis procedure, results, etc.
The case was solved successfully and the guilty was found amongst the three suspects in due time and costs.
Many emails belonging to the three prime suspects were scanned and searched through which lead to some prime evidences.
One amongst the three suspects was found guilty with references to data found.
Further it lead to the other end resources by tracing the IP addresses which were found to be linked with other rival company.
The evidences were handled, preserved and then presented in the court unaltered.
The accused was held with a charge claimed of theft of trade secrets.
Words from Investigators
"The cooperation shown by e-discovery tool's team especially MailXaminer, is highly appreciated. It was impossible to reach the results before deadlines without this software and the expert team who guided well with its assistance."