Respond

Unlocking a life left behind

Gaining access to a deceased executive's Apple Mac for family and legal purposes

Device successfully unlocked
1
Financial documents recovered
Retrieved
Personal photos recovered for family
Retrieved

The situation

Following the death of a senior business executive, a solicitor managing the estate needed access to the individual’s Apple Mac computer. The device contained financial information required for estate administration and personal photographs that the family wished to preserve. No passwords were available, and Apple’s security measures prevented access through conventional means.

Details in this case study have been altered to protect client confidentiality. The core facts, forensic methodology, and outcomes are accurate.

What we found

The Apple Mac was protected by the individual’s login credentials, which had not been recorded or shared before their death. NDF needed to find a way to access the device that was both technically effective and respectful of the circumstances.

How we responded

NDF took a methodical approach combining human intelligence with technical capability:

  • Background research, collecting extensive information about the individual’s life, interests, and habits to inform potential password strategies
  • Password bypass techniques, applying specialist methods to work around the Apple security protections on the device
  • Data recovery, once access was achieved, carefully extracting the financial documents and personal photographs required by the solicitor and the family

The outcome

NDF successfully gained access to the Apple Mac. The financial documents needed for estate administration were retrieved and provided to the solicitor. Personal photographs were recovered and returned to the family, preserving memories that would otherwise have been permanently locked away.

Lessons for similar organisations

  • Digital estate planning is not optional. Individuals and their advisors should ensure that critical passwords and access credentials are documented in a secure location accessible to executors or trusted family members.
  • Technical expertise can recover access respectfully. Forensic professionals have techniques that can bypass device security when legitimate access is needed, without destructive methods that risk the data.
  • Act before devices age out. Apple and other manufacturers regularly update their security. The longer a locked device sits unused, the harder it may become to access as software and techniques evolve.