Digital Forensics Case Studies

Case Study – Intellectual Property, Brand Protection and Civil Seizure

Case Type – Computer Forensics, Electronic Auditing, Email
Environment – Desktops, Laptops, Distribution Software and Sales Management System

GDF supported attorneys, private investigators and US Marshalls on a civil seizure. The client’s intellectual property, in this case garments, were being counterfeited and sold throughout the United States. GDF supported the seizure team by locating additional locations during the seizure, as well as gathering digital evidence onsite, eliminating the need to remove and return computers and other electronic devices, ensuring that the terms of the order were adhered to and the gathering of evidence was expedited.

Case Study – Banking, Corporate Fraud SOX Auditing

Case Type – Computer Forensics
Environment – Complex Network, Mainframe, Banking Industry Specific Software, Email, Voice Mail

A large accounting firm was hired to audit certain activities related to loans to individuals on the board of directors of a medium size, publicly traded bank (the “Bank”). During the audit, the auditors needed to examine several computer systems used by certain Bank employees, as well as by certain board members. GDF’s digital forensic examiners were immediately dispatched and sent in to arrange for the forensic analysis of the computer systems and to search for corroborating evidence in support of the audit team’s suspicions and findings. The systems GDF analysts forensically analyzed included laptop computers issued to managers in the loan origination department and desktop systems used by managers and board members. Email (Exchange) servers, as well as voicemail systems, were examined.

Case Study – Drug Diversion, Brand Protection, Counterfeiting and International Fraud

Case Type – Computer Forensics, Law Enforcement Support, Criminal
Environment – Email, Desktops, Laptops, Blackberries (BES and Handhelds), Foreign Language Data

A pharmaceutical company began receiving complaints from its representatives in certain geographical areas that sales of normally high volume drugs were slowing down considerably. The company’s internal security department, as well as the security departments of its major distributors, began an investigation. The results of the investigations led the security professionals to believe a significant amount of the company’s product was being diverted from foreign countries into the United States and sold through smaller distributors who specialized in sales to locally, privately owned pharmacies and dispensaries within nursing homes. The diversion activities were immediately reported to the local authorities in the regions, as well as to the FDA. An investigation was immediately launched and millions of dollars of diverted drugs and repackaging equipment was seized from several locations, including the warehouses of fully licensed pharmaceutical distributors. Along with the diverted product, the computers and other electronic equipment were also seized. The seizure went smoothly and the company was satisfied, as were investigators from the FDA and local law enforcement. However, the case was severely hindered by the fact that the majority of communications between the principals of the distribution companies (foreign nationals) and the foreign suppliers was conducted by email. There were also virtually no paper records on site. While the local authorities and the FDA had access to computer forensic labs, both faced similar roadblocks in their investigations; the labs were severely backlogged and the systems were encrypted and fairly complex, as well as being in a foreign language.

Case Study – Data Forensics, Computer Forensics

Case Type – Internal Corporate Fraud
Environment – Complex Multi-Location Network and Desktop
Industry – Banking

Case Study – Electronic Data and Document Discovery

Case Type – Complex Litigation
Environment – Legacy and Updated Mainframe
Industry – Financial
Quantity of Data – > 12 Terabytes (millions
transactions and documents)

Case Study – Digital Document Forensics, Computer Forensics

Case Type – Massive Financial Fraud
Environment – Mainframe and Network
Industry – Financial
Quantity of Data – Terabytes

Case Study – Digital Data Forensics/Electronic

Document Discovery/ Computer Forensics
Case Type – Massive Securities Fraud
Environment – Complex, Desktop, Raw Transaction Data, Email
Industry – Financial Services

Case Study – Digital Forensics/Regulatory

Case Type – Insurance Industry Regulation
Environment – Complex Mainframe, Desktop, Raw Transaction Data, Email
Industry – Insurance

Case Study – Electronic Data Discovery and Computer Forensics

Case Type – Intellectual Property
Environment – Large Network, International WAN
Industry – Manufacturing/Wholesale
Quantity of Data – > Large Email Server (Notes), CRM System
(Customer Relationship Management) Database, PeopleSoft
Task – Work with counsel on Discovery Requests, Depositions,
30(b)6 and data correlation, coding and link analysis.

All full case studies available in PDF format.  Contact GDF for more information.