Digital Forensics Investigation Helps Business Partners Resolve Alleged Breach Event

A case study on work that Notion Digital Forensics have completed.

Notion Digital Forensics was engaged by a multinational technology company to investigate an alleged breach of their systems, in which a private key from a server certificate was publicly shared by unknown parties. The government department they were working with believed that the technology company could have disclosed the key (either by accident or cyber breach), and they requested an investigation. The breach had the potential to compromise the confidentiality and integrity of messages for a major government department.


The objectives of the project were to investigate the events, determine how they occurred, and provide an analysis of an Australian government’s forensics report. Then we would report to the business partners to help them resume their work together.


Notion Digital Forensics conducted a thorough investigation into the breach events by interviewing technical personnel, collecting and analysing digital evidence, and studying relevant standards (including the Australian Cyber Security Centre’s Information Security Manual). The Notion team delivered an Expert’s Report that addressed the concerns raised in the government’s forensics report and provided recommendations to the business partners.


We provided recommendations for all parties, but we also found that certain actions made it a non-issue. That’s because a key employee protected the private key with a strong password. Our team attempted to crack the password of the disclosed file and found that we could not. We concluded that – even if the file was disclosed – it would be of little benefit since the password was probably too strong to crack (it would cost millions of dollars of computer time to brute force).


Notion Digital Forensics provided an analysis of the breach events that helped the business partners get back to work. Our investigation and report provided assurance to the parties involved that even if the private key had been disclosed, it would be of little benefit, as the password protection was strong. Our recommendations also helped the parties improve their procedures to prevent similar breaches in the future.

Note on testimonial

Due to the sensitive nature of this work, we are unable to offer a testimonial.

However, we worked in partnership with Managed Service Providers (MSPs) and Managed Security Service Providers (MSSP) for this case. We also regularly work with businesses, universities and legal firms to deliver services.

Please contact us for for references for these partners, or for other relevant partners to your situation.

About Notion Digital Forensics

Notion Digital Forensics are technical experts in cybersecurity, e-discovery, and digital forensic investigation and cyber-defence for business and lawyers.

Other Case Studies

Get expert advice for your case. Contact us now

or phone us on 02 8006-0855

Important Notice

Preserving Confidentiality

The case study presented above is based on real events. To protect the identities of the parties involved, we have altered certain facts and details. These changes may be minor or significant and may include the inclusion of false information. Our aim is to maintain confidentiality for those involved.

Seek Customized Advice

Cybersecurity and digital forensics are specialised fields with various options and trade-offs. The information provided on this website may not be applicable to your specific situation. It is highly recommended that you seek tailored advice from an expert before taking any action. We are cyber security specialists, but we may not be your cyber security specialists. Seek professional advice.