Search Close Talk to Sales
Relativity
Search
Popular Links
RelativityOne
Relativity aiR
Move from on-prem to RelativityOne
Artificial Intelligence
e-Discovery
Legal Hold
Collection
Early Case Assessment
Data Breach Response
Relativity Contracts
RelativityOne Government
Proactive Security
Close

KPMG Processes 1.5TB of Data in Client's Cyber Incident, Reducing Irrelevant Data by 90%

Customer Since
2011

Headquarters Location
New York City, New York

Share Their Story

How did they do it?

  • Quickly and securely transferred 1.5 TB to RelativityOne for processing and review
  • Culled 90% of the data for review, narrowing it down from 1M to 100,000 documents
  • Cut 15 million breach records down to 150,000 records for the final notification report

KPMG to the Rescue on a Big Cyber Attack

When a large restaurant chain faced a severe cyber incident, they turned to KPMG for help. A threat actor had remotely infiltrated their network, stealing a vast amount of data — including file shares and emails — before deploying ransomware. The restaurant chain sought KPMG’s forensic expertise to assist with investigating the breach, recovering the IT system, and navigating the complex regulatory and legal landscape related to privacy notifications.

Data and Timeline Obstacles? Not a Problem

The incident posed some significant challenges:

01
The initial data set was enormous. With approximately 1.5 TB of data containing around 1 million structured and unstructured data elements, a cloud-based solution was essential to quickly transfer this data for processing and review.
02
The timeline was tight. To support notification requirements within weeks, the team required a 24x7 review process with a hybrid onshore/offshore team.
03
They needed accelerated workflows. Accelerated workflows would allow the team to efficiently manage structured data extraction at scale and quickly assess the impact, including the number of individuals affected and the types of personal information (PI) involved.

Advanced Technology to Tackle a Complex Breach

KPMG utilized Relativity Data Breach Response to tackle these challenges effectively. With the SaaS platform RelativityOne, the team quickly and securely transferred data from cloud to cloud. Then they culled 90% of the data, narrowing it down to 100,000 documents for review, and triaged potentially impacted individuals and geographic locations to assess notification requirements. KPMG then used a “Deduplicate Individuals Report” to help estimate an accurate number of impacted individuals.

Streamlined Review and Enhanced Accuracy

By leveraging Data Breach Response with RelativityOne’s other end-to-end solutions, including structured analytics, search terms reports, and active learning, KPMG achieved better and faster results than they would have with a disparate combination of tools.

The team also used RelativityOne to collaboratively review responsive items for data extraction, informing the creation of the notification list. Key features such as PI detectors, PI and entity search, and detector highlighting were instrumental during the Quality Control process. KPMG also integrated their proprietary structured data analysis and extraction tool with the Data Breach Response results.

Meeting Deadlines, Taking Names

KPMG’s efforts led to significant results, meeting client and counsel deadlines that would typically be technically challenging. The team consolidated 15 million breach records down to 150,000 records for the final notification report. The accuracy of the results enhanced the reliability of the notification process.

"RelativityOne and Data Breach Response enabled us to meet client and counsel deadlines on this project that otherwise would not have been feasible, including reducing 90% of the documents to review."
David Nides, Principal, Cyber Response Services at KPMG

KPMG plans to continue integrating Data Breach Response into their incident response processes and aid in helping clients proactively identify and remove unnecessary sensitive data elements to reduce attack surface risk.

Ready to see what Relativity Data Breach Response can do for you?

Get a Personalized Demo