Consilio in Action: Expert Data Solutions for a Complex Incident Response Event

When a major U.S. life sciences and health care company’s data was compromised in the MOVEit breach impacting multiple individuals worldwide, it turned to Consilio, a leader in eDiscovery, document review, risk management, cybersecurity incident response and legal consulting services, for help responding to the event.

Consilio collaborated closely with the client, its incident response breach counsel and the cybersecurity insurance claim provider to rapidly assess and analyze the incident, allowing the client to take appropriate action in notifying impacted individuals as required by each state law.

The Complicated Data

The MOVEit breach originated with a critical vulnerability in MOVEit file transfer software, which attackers exploited to access files.

The cybercriminal threat actors had access to data resulting from the vulnerability in the MOVEit platform. With the client’s data exposed, a swift response was required.

Complicating matters, the client’s breached files were in a complex proprietary electronic data interchange (EDI) format as well as many other unique file types that the Consilio team had to extract PII/PHI from, making analysis difficult. With thousands of intricate files exposed, custom solutions were needed to extract the critical personal information within.

“These unique files were part of the incident, and our team had to use advanced data mining techniques to create structure from unstructured files. Our goal was to give our client the ability to identify the people and organizations potentially impacted by this incident and notify them,” states Michael Manzo, business director at Consilio.

The Flexible, Expert Team

Consilio quickly assembled an expert team.

Brad Burdick, an experienced cyber data solutions senior manager at Consilio, was tasked with overseeing quality control, timelines, communication and coordination. Niki Nelson, Consilio’s custom solutions data analytics director, leveraged her EDI expertise and used a unique software application to decipher file structures and extract key data fields for reporting and notification. This required carefully studying the EDI file structure and collaborating closely with the client to determine critical data needs.

Brendan McMorris, an attorney and incident response senior manager at Consilio, collaborated with breach counsel around notification needs. Brendan also worked with the document review teams to properly extract information and ensure local, state and federal compliance. Additional Consilio data experts joined the project team to develop custom scripts to streamline the loading of extracted information from the array of EDI and other diverse file formats into spreadsheets for analysis and reporting.

“I believe our client appreciated the immediate flexibility we demonstrated. We try to make the projects and process as easy for the client as possible. When something like this project comes in, with nobody having done or seen anything like it before, it becomes imperative that we pull together a team and system that can give the client exactly what they need,” claims Brendan.

Michael continues, “Niki put in a lot of work upfront to make this project happen. If we had tried to do it without engineering expertise and advanced technology tools, it would have taken years to complete with traditional methods.”

Crafting a Successful Solution with the Right Technology and Team

Expert interpretation of complex proprietary data formats by Consilio enabled quick investigation of the incident’s impact. Hours went into analyzing and mapping data connections. With Niki’s efforts in mapping EDI data and creating efficient processes to consolidate extracted information into standardized formats, Consilio was able to rapidly deliver actionable datasets, which allowed the health care client to identify the critical personal information needed and meet regulatory and compliance obligations.

Niki says, “The most important thing to me about this project was that we were able to give the client confidence and comfort that we were taking the time, using our resources and delivering accurate results.”

Meanwhile, ongoing guidance regarding notification policies was provided by Consilio team members who demonstrated versatility in solving unique data problems with both technology and solutions tailored to the situation. Smooth collaboration between Consilio, breach counsel and the client ensured precise data and preferred format needs were met. The client offered ongoing positive feedback on Consilio’s effectiveness at managing and solving this complex incident.

The client was left with the utmost confidence that Consilio can decipher any data challenge, based on its industry-leading expertise in extracting value from complex proprietary data.

With the upfront collaboration and initial diligence during the early phases coupled with the utilization of powerful mapping application software and human intuition, the Consilio team was able to identify and extract the sensitive data within the parameters of the regulatory requirements.

The Consilio Difference

With seasoned specialists, legal guidance, customized technical solutions and exemplary leadership, Consilio acted as a true partner amid the incident. “I’ve always been a problem-solver and love a challenge. When this client came to us, I knew we’d be able to put our heads together and come up with a solution. I really enjoyed bringing a team together that could collaborate and complete it with great success,” states Brad.

Michael adds, “It is important to me that our clients and partners trust the Consilio incident response team. When cybersecurity insurance claim providers and breach counsel regularly recommend Consilio, it speaks volumes to the consistent impact we’ve had over the years.”