Cybersecurity Lessons from a Pandemic-Era Data Breach

24 Jun 2025

Matt O’Kane recently discussed a pandemic-related cybersecurity incident during Episode Two of Cyber Horror Stories from First Focus, highlighting critical lessons for organizations.

The Incident

Early 2020 hardware shortages prompted many companies to adopt flexible device policies. An Australian brand allowed staff to purchase their own computers locally. The marketing director acquired a MacBook for work purposes without standard company setup protocols.

O’Kane explained the significance: “If you control the machine, you can stop bad software or at least software you’d find undesirable being installed on it.” This oversight became consequential when the marketing director’s employment ended. She returned the laptop after performing a factory reset, eliminating any forensic evidence.

The Breach Discovery

Nine months later, the company learned that confidential information was circulating. O’Kane noted that in Australia, such offers are “usually framed as a signing bonus or an extraordinarily higher paying role than you would ordinarily expect.”

Investigation proved difficult because the organization’s Microsoft 365 license maintained insufficient logging retention. O’Kane emphasized that “some logging windows can be as short as seven days.”

Key Takeaways

Organizations underestimate the value of intellectual property until threatened. Customer databases, sales histories, and contract renewal dates all possess significant market value. O’Kane advocated for balanced security: “We don’t want to create Fort Knox – we want openness with sensible controls around our most important data.”