How to Recover Your Data After a Cyberattack

March 19, 2020 | Article

When dealing with frustrating situations such as falling victim to a Business Email Compromise, there are many aspects to consider in the recovery period. Recovering the money to the best extent possible is important; however, another issue to address is data loss and your potential obligation to report it under Federal and/or state statutes.

Recently, we have seen significant malicious Business Email Compromise activity against Microsoft Office 365 and Google G Suite. In fact, the Federal Bureau of Investigations (FBI) has specifically warned the private industry to be on guard.

"The scams are initiated through specifically developed phish kits designed to mimic the cloud-based email services in order to compromise business email accounts and request or misdirect transfers of funds," the FBI said in a Private Industry Notification (PIN) from March 3, 2020.

When a target falls victim to a phishing attack, the cybercriminals look for evidence of financial transactions within each set of compromised credentials. Once this evidence is gathered by the cybercriminals, they either impersonate email communications internally or with other third parties, such as vendors and customers.

Have you recently suffered a cyberattack? Learn more and take our assessment here.

Through an investigation, you can determine what Personal Identifying Information (PII) and/or Protected Health Information (PHI) data may have been compromised. Incident response professionals can also assist with Federal and/or state statutory reporting requirements that you may be unaware of. It is important to recognize the need to investigate if PII or PHI data was accessed by the cybercriminals.

How Forensic Accountants Can Help Recover Your Data
Forensic accountants can:

  • Coordinate with legal counsel that are well versed in cybersecurity and reporting requirements, which is especially useful if your organization doesn’t have legal counsel with this experience.
  • Investigate logs from the email accounts and forensically preserve and analyze the workplace devices used by those with compromised credentials. This helps determine the totality of the compromise and what PII and/or PHI data, if any, was subject to the compromise.
  • Collaborate with your IT department (whether internal or third-party) and obtain logs needed to investigate as well as to put in place preventative steps to mitigate future risk of a successful malicious attack.
  • Offer additional assistance, such as taking over the management of email to bolster your organization’s security posture and fill in any IT gaps. This includes ensuring systems like multifactor authentication, and other safety features you may be unaware of, are in place.

As a bank director, you have the difficult task of being responsible for providing oversight and mitigating your bank’s risks, including the risk of fraud. We’ve got you covered on the latest tips and trends.

What Can I Do Now?
Conducting fraud prevention checkups on a periodic basis can help you make sure your organization is prepared. If you have already experienced a fraudulent attack, our forensic accountants can help you sort through the compromised data and restore peace to your company.

Remember, it’s not always about the money; data can be invaluable! Here’s what fraud could really be costing you.

Stay current on your favorite topics


Learn More

See what more we can bring to organizations just like yours.

Financial Institutions

Take a deeper dive into this Insight’s subject matter.

Fraud & Forensic Advisory