Remember The Days of EnCase … Now It’s All About Cloud, Buckets, Social Media and Slack?

Investigating the Capital One data breach


Remember when digital investigations were all about archiving disks and running EnCase? Well, those days are rapidly going, and there's a need for a new breed of investigators who understand Cloud Services and Slack channel investigations. The latest breach of Capital One data gives an insight into the type of crime reporting that we may be seeing in the future. It pieces together traces from around the Internet and then links them back to a target.

Some banks have moved to the Cloud quicker than others. Capital One is one such bank, and has stated that it will not use any data centres by 2020 and will host ALL of its data in the Cloud. But this move has perhaps caused it problems: the company is named in an indictment against an employee, related to a data breach involving around 100 million people. This data is likely to include credit card details.

The core evidence appears to be that the information related to the breach has appeared on a GitHub associated with Paige A. Thompson:



Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice
