Search Close Talk to Sales
Relativity
Search
Popular Links
RelativityOne
Relativity aiR
Move from on-prem to RelativityOne
Artificial Intelligence
e-Discovery
Legal Hold
Collection
Early Case Assessment
Data Breach Response
Relativity Contracts
RelativityOne Government
Proactive Security
Close

Deloitte Helps National Retailer Respond to Ransomware Incident with Speed & Precision Using Relativity aiR for Data Breach Response

Customer Since
2008

Headquarters Location
New York City, New York

Share Their Story

How did they do it?

  • Estimated 50–60% improvement in review efficiency using aiR for Data Breach Response versus a traditional manual-first approach
  • Analyzed hundreds of thousands of files – primarily complex spreadsheets – to identify whose personally identifiable information may have been impacted
  • Achieved meaningful cost savings and helped the retailer meet regulatory timelines ahead of schedule

Open Floodgates and a Ticking Clock

When a national retailer experienced a ransomware incident that potentially exposed personal data, the organization needed to move fast, without sacrificing rigor. With stores in multiple states, the organization faced varying regulatory notification and reporting requirements – requiring speed and accuracy under tight deadlines. The immediate priority was to determine what personal data was exposed and which individuals were affected.

To help the retailer respond with confidence, Deloitte put a breach-response playbook into action, mobilizing people, process, and technology – enabled by Relativity aiR for Data Breach Response – to rapidly identify impacted individuals and support regulatory-ready reporting.

Identifying Impacted Individuals Under Scrutiny

The retailer needed to analyze hundreds of thousands of files, primarily complex spreadsheets, to identify individuals whose personally identifiable information (PII) may have been impacted. Beyond speed, the workflow needed to be audit-ready – able to withstand regulatory scrutiny with transparent methods, consistent application of criteria, and documented quality controls.

Deloitte implemented a two-step review approach to deliver rapid identification and a defensible record of how determinations were made. The workflow emphasized repeatability through consistent searches and analytics; traceability via clear documentation of how PII was detected and extracted; and validation with statistically grounded checks to support confidence in the results.

Step 1: Accelerating a High-Stakes Breach Response

Deloitte began by running a generative AI-powered, automated review of the full data set with aiR for Data Breach Response. The tool’s automated detection flagged documents with potential PII and extracted key fields, like individual names and associated PII.

Deloitte then applied searches and analytics to group like files, accelerating downstream review while keeping methods consistent and repeatable.

Finally, the team leveraged Relativity’s spreadsheet QC capability to focus review on high-likelihood columns – a critical timesaver, given the unusually large number of complex spreadsheets.

aiR for Data Breach Response turned all of this around in a fraction of the time, processing massive amounts of data significantly faster than traditional, manual review.

Step 2: Precision and Auditability Through Targeted Quality Control

Fast results were one thing, but thoughtful quality control ensured precision.

Deloitte first conducted targeted manual validation of aiR for Data Breach Response’s results using statistically valid sampling to confirm extraction accuracy and document confidence levels.

They then consolidated extracted PII and applied quality checks to support a client-ready reporting package designed to stand up to review.

By combining automated extraction with statistically grounded validation and documented QC protocols, Deloitte ensured that speed never came at the expense of accuracy.

Making It Work End-to-End

RelativityOne’s open platform and flexible workflows helped Deloitte tailor aiR for Data Breach Response to the specific breach scenario and data realities – especially spreadsheet-heavy populations – while keeping the process cohesive end-to-end.

This moved the team beyond simple keyword searching and helped them avoid full manual review of large spreadsheets by using analytics and structured QC to prioritize and validate results.

It also reduced reliance on disconnected tools and handoffs by integrating tasks, decisions, and quality checkpoints into a single workflow – strengthening traceability and auditability while still moving at speed.

The Impact: Rapid, Defensible Results

aiR for Data Breach Response delivered a significant impact, enabling an estimated 50–60% improvement in review efficiency compared to a traditional manual-first approach – reducing both turnaround time and resource demand. This translated into substantial cost savings for the retailer during the time-sensitive, high-stakes response.

aiR for Data Breach Response also provided faster multi-state reporting, helping the retailer meet regulatory timelines ahead of schedule.

Following this incident, Deloitte continues to enhance their automation capabilities and strengthen quality controls – helping future clients respond to data breaches faster and more cost-effectively. By pairing aiR for Data Breach Response with their team’s expertise, Deloitte is setting a new standard for how organizations can navigate complex breach response with both urgency and accuracy.

Ready to see what Relativity aiR can do for you?

Get a Personalized Demo