A client company was understandably concerned when it lost an important government contract to an out-of-nowhere start-up. The concern grew to alarm, however, when the company realized that the start-up was staffed entirely by its own recently departed employees. The client company suspected the former employees of using proprietary information to bid for and provide services to the government agency, as well as inside knowledge of the contract bidding price, to “steal the deal.” The client company retained counsel and Stroz Friedberg was called to investigate.
During the course of the investigation and discovery, the Stroz Friedberg team performed forensic examinations of the suspects’ former work computers. Through analysis of link files, metadata, event logs and the recovery of unallocated e-mail and document fragments, we were able to establish that the suspects had used web-based e-mail accounts to circumvent the company’s e-mail system and communicate about creating the new company, had accessed and copied information from restricted network locations, and had burned key information to CD, all shortly before leaving the company. Stroz Friedberg presented its findings in expert testimony that was utilized by counsel to gain court-ordered access to the work and home computers of the former employees in their new place of business.
With access to the suspects’ current computers, Stroz Friedberg was able to confirm that the suspects had indeed used the client company’s proprietary information to create service offerings and a successful bid to the government agency. In addition, we uncovered an effort by the former employees to destroy information by deleting data and running a de-fragmentation program. Stroz presented its conclusions in further expert reports and testimony to help the client company win back its contract.