SANS Digital Forensics and Incident Response Blog: Tag - flat files

Using a Database as a Forensics Tool - Part 1 of 2

What do you do, when your computer forensic tool of choice, Autopsy, EnCase, FTK, etc., helps you to find, say, 40 million data records containing credit card numbers, date of birth, SSN, checking account numbers or similar non-public personal information (NPI)? What if those data are in flat files created by an employee who pulled them from some data source belonging to your organization? What next?

Simulation of "discovered" flat files patterned after an actual case

Query from table 1