Home worker caught by ransomware attack. Employer furious

JimmyVik

Ms. Newbie18 wrote: »

Her employer cannot do anything to her as they did not provide her with the equipment to do her job safely. They also have zero right to her home laptop.

On a side note, did her employer provide any training re phishing emails?

Things like this are why I insisted on my employer providing me with a laptop before heading home. They have installed security etc and so it should be safe as can be; its also not completely infallible.

I think the upshot of this is that she is safe enough with her job as it was not really her fault she was hacked.
As for handing the laptop over.

I would never hand mine to anyone, nor would i let anyone run any type of scanning software on it.
So I think i'll just swap out her disk for a new one and tell her to hand that over and say it was wiped if they insist on it.


As for the potential for her personal info to be sent to her mates, or the companies info to be sent out to the wild - nothing can be done about that part.

Ms. Newbie18

Jequ0n wrote: »

Tbh the employee doesn’t seem the full shilling either given her sudden realisation that emails might be archived/ accessible.

As our old IT guy used to tell me "information is rarely fully lost/deleted" this is back when I was a kid starting out.. Scared the bejusas out of me and I never used the my office PC or company email for anything other than work again.

some random drunk

some random drunk wrote: »

Well this is an interesting thread. The large multinational I work for has thousands of employees across the globe logging in from their own personal laptops via Citrix. No equipment was provided unless an employee did not have a personal laptop, ie only in rare cases.

With regards to the OP, there's absolutely zero chance I'd be turning over a personal laptop to my employer to examine.

Same here, nearly everyone in my place uses their own computers and logs in remotely to work using Citrix.

This thread has ruined my Friday, and most of my direct reports, and my own directors Mondays (ha!) because this thread has freaked me out and we will have to do something and make sure we are working safely.

I'm not an IT person but I had assumed (because IT are happy with it I guess) that because Citrix works in the sandbox and you can't copy and paste or whatever in or out of it that it is safe. Of course, thinking about it a little, I see how it is not totally safe.

Mrs OBumble

Mrs OBumble wrote: »

I do not believed that is correct.

Unless you're working for an I.T. company and were allowed to work from home prior to covid, you will that most are indeed working from home on personal equivalent, including the majority of civil servants.

Jequ0n

DubInMeath wrote: »

including the majority of civil servants.

The irony

beababelle

This thread has really opened my eyes. I am completely shocked at the number of people working on their personal laptops for their employers. I have been supplied with a keyboard, laptop and a monitor. It wouldn't have even occurred to me to use a personal laptop, and as someone else said above, at 15 months into a pandemic there was more than adequate time to provide people with the correct equipment or ship their office equipment to their home addresses.

If employees are supplied with IT equipment to enable them to do their jobs in the office, then why doesn't it follow that they'd be supplied with the same IT equipment to work from home?

To the OP - tell that person to get solicitors advise and by no means hand over the laptop. Her employers have absolutely no right to ask for access to it. If their IT dept was worth its salt, this wouldn't have happened in the first place.

Telly

I dont know anyone working from home and using their own equipment. That's just crazy.

beababelle

beababelle wrote: »

This thread has really opened my eyes. I am completely shocked at the number of people working on their personal laptops for their employers. I have been supplied with a keyboard, laptop and a monitor. It wouldn't have even occurred to me to use a personal laptop, and as someone else said above, at 15 months into a pandemic there was more than adequate time to provide people with the correct equipment or ship their office equipment to their home addresses.

If employees are supplied with IT equipment to enable them to do their jobs in the office, then why doesn't it follow that they'd be supplied with the same IT equipment to work from home?

To the OP - tell that person to get solicitors advise and by no means hand over the laptop. Her employers have absolutely no right to ask for access to it. If their IT dept was worth its salt, this wouldn't have happened in the first place.

If the company owners were worth their salt it wouldn't have happened, as at the end of the day they are the ones holding the purse strings.

Stunned as well that people use personal computers when working for an organization. Never heard of that, I've always had all equipment provided.

AndrewJRenko

plodder wrote: »

I'm amazed that companies allow employees to use personal laptops as the general policy. If there weren't enough laptops to go around when lockdown started, why didn't they send people's desktop PCs home then? The employer doesn't have a leg to stand on here, if it's as reported.

Lots of people don't have physical space for a desktop. It's not the kind of thing you want to be unplugging and reconnecting on the kitchen table every day.

JimmyVik

Ms. Newbie18 wrote: »

As our old IT guy used to tell me "information is rarely fully lost/deleted" this is back when I was a kid starting out.. Scared the bejusas out of me and I never used the my office PC or company email for anything other than work again.

From my days in tech services years ago, I would say thats a good idea
Oh the emails, we used to read from the users and then forward on the juicy ones to each other.
One of the best was a director of the company organizing his prostitute for each weekend. Jesus he was disturbed.

AndrewJRenko

DubInMeath wrote: »

Unless you're working for an I.T. company and were allowed to work from home prior to covid, you will that most are indeed working from home on personal equivalent, including the majority of civil servants.

That's not my experience. Some people were connected on personal devices in the mad rush in March 2020, but those have largely been replaced by corporate devices now.

plodder

We don't use it, but it seems Citrix have been encouraging this kind of scenario.

https://www.citrix.com/blogs/2019/05/21/protect-apps-from-keyloggers-and-screen-scrapers-with-citrix-workspace/

we are introducing new technology that can help protect application data from keyloggers and screen scrapers while still allowing companies to embrace BYOD and extend their apps to contractors and gig economy workers.

BYOD = Bring your own device

"can help" being the key term there. No guarantees unfortunately.

Bicyclette

DubInMeath wrote: »

Unless you're working for an I.T. company and were allowed to work from home prior to covid, you will that most are indeed working from home on personal equivalent, including the majority of civil servants.

Agreed a lot of the CS are using their own machines but people can now get desktop equipment if they wish. The only issue with desktop equipment is that you have to find a permanent place for it.

Sometimes - very very occasionally - with Citrix, it doesn't fully disengage from the person's own system and you can have Citrix open in one tab and other stuff open in the other (it happened to someone I know at one stage). So the "sandbox" is compromised.

I'm wondering if that is what happened to your friend.

beababelle

AndrewJRenko wrote: »

That's not my experience. Some people were connected on personal devices in the mad rush in March 2020, but those have largely been replaced by corporate devices now.

I was working with a large Irish organisation on a project at the start of the pandemic that was suddenly stopped as they had to re-direct the budget into buying 00's of laptops for their staff. Up to that point, all staff had been using desktops in the office and the organisation had not permitted working from home.

Outkast_IRE

Most good companies with decent IT policies have been moving away from desktop stations to laptops for years. On the basis that it provided flexibility to work from anywhere if travelling etc.



That being said i know of people working in the financial sector who were told to use personal equipment when this all kicked off and citrix or similar was used to remote desktop / login.

Jimmy Bottlehead

JimmyVik wrote: »

From my days in tech services years ago, I would say thats a good idea
Oh the emails, we used to read from the users and then forward on the juicy ones to each other.
One of the best was a director of the company organizing his prostitute for each weekend. Jesus he was disturbed.

Off topic, but what a disgusting practice to invade the private mails of others.

JustAThought

JimmyVik wrote: »

This is a bit of a long story but I will shorten it as best I can. Maybe someone can offer some advice.

Someone I know was working from home, logging into her work network via citrix.
So the shortened version of the story is ..
A hacker has emailed a video to her containing videos and screenshots of very sensitive data that she was working on. She thinks they have been recording this stuff for months based on what she was working on.
They have demanded €5000 to not show it to her employer.

So, good employee that she is, she sent this demand on to her boss and also the videos. She still does not know how they got this stuff (obviously some software that installed on her home pc recording screen and key presses etc), but she has basically been put on leave pending disciplinary action and she is afraid they may go further.

There were other threats from the hackers too that I wont go into here, as they are nothing to do with her job.

Anyone know what she can do here?
Ive told her to have her laptop wiped for a start and start as a fresh one.
But she is more concerned that her employer may fire her or even stop paying her for a while until they let her back to work.
This is obviously going to cost the employer a lot and they have to go to all clients where data may have been compromised and come clean too, so understandably they are pissed, but working in IT myself, I know for a fact that this could happen to anyone at any time, especially when using home equipment.

Oh and her employer wants her personal laptop too to examine. Obviously she has stuff on this she doesnt want her employer (or anyone else) digging into as well.

Can she head off to Currys and buy an old fashioned external hard drive -NOT the type linked to the cloud automatically the older versions - and move all her family and other files to that. Then delete all that stuff off her PC.

- Print out all her emails - past performance reviews, HR training , policies and protocols, and evrything to do with her questions and instructions on working from home. Thats of her manager hasn’t reatricted her or moved it already. This is for her to have for the disciplinary meeting/ workplace unfair dismissal claim

- Everything by email but bcx to her private account now - again - she is laying the groundwork for a DH & defence

To be seen to be helpful she could offer for someone from IT to come to her house at a prearranged time to view the security on her PC - obviously as her child needs it for school/projects EVERY DAY and both she and her husband need it for family and personal reasons ( communicating with teachers, apps for ordering groceries, personal family photos, medical information etc) the family cannot be left without it but if IT want to come & check the security/ update antivirus on it then she is happy to facilitate them without disadvantagimg or impairing her childs learning & schoolwork...

If you see where this is going.

It all revolves around policy - what was instructed, what was given as reaources, were there sudden late night urgent email requests that she facilitated on her home pc for speed/ to facilitate urgent demands/ were her RFI ignored or assumptions made - etc etc

Boss might be just following internal protocol to cover his ass with clients -so he can say investigation underway, staff member put on suspension, all devices siezed & investigated/wiped etc - she might have nothing to fear - remember KPMG & others can forensically recover data from harddrives. I’ve used it myself for cctv wiped in court cases. Frightening when you think about it - as Nixon found out in the 60’s the hard way.

Ms. Newbie18

JimmyVik wrote: »

From my days in tech services years ago, I would say thats a good idea
Oh the emails, we used to read from the users and then forward on the juicy ones to each other.
One of the best was a director of the company organizing his prostitute for each weekend. Jesus he was disturbed.

Oh my.. The worst of my emails would have been b*tching about work to pals or other colleagues. Coordinating holidays etc.

Gave all that up though. Later when people were caught it wasn't only IT who read the mails. HR had IT flag anything that looked non-work related. So IT, HR, Office Manager/department head all seen them.

There were definitely a few red faces around the office.

theteal

Jimmy Bottlehead wrote: »

Off topic, but what a disgusting practice to invade the private mails of others.

Not that I'd be into filtering through emails for giggles but they're not private, they belong to the company.

hmmm

This is an edge case, lots of companies use Citrix to allow people work on internal systems from personal devices and it works fine.

The company could have done a lot to protect themselves by ensuring that the personal devices met certain security standards e.g. anti-virus, patched.

There is no such thing as perfect security.

krissovo

Citrix has been a dinosaur a few years now, more modern systems have a local element running that isolates work from personal applications.

AndrewJRenko

AndrewJRenko wrote: »

That's not my experience. Some people were connected on personal devices in the mad rush in March 2020, but those have largely been replaced by corporate devices now.

Friend of mine is working in revenue, started about 14 months ago and they and anyone he started with are still using their own devices as are a good few of the staff thep for years in different departments.

They use thin clients so would have to ship everything to the users, so not as easy as just shipping out a laptop.

For my friends case at least he's very security conscious and actually certified so the device is solely used for work and online banking purposes to try and prevent any potential issues occurring.

Bicyclette

Bicyclette wrote: »

Agreed a lot of the CS are using their own machines but people can now get desktop equipment if they wish. The only issue with desktop equipment is that you have to find a permanent place for it.

Sometimes - very very occasionally - with Citrix, it doesn't fully disengage from the person's own system and you can have Citrix open in one tab and other stuff open in the other (it happened to someone I know at one stage). So the "sandbox" is compromised.

I'm wondering if that is what happened to your friend.

Wasn't my friend, but get what you mean.

The solution would be to use the full Citrix receiver and not the lite version in the browser.

statto25

eusap wrote: »

I fail to see the difference here, you allow a VPN to your network, if they are accessing RDP or a File Share directly they are on the same network? Why do you think one is safer than the other?

The connection only allows an RDP session, nothing else. The user connects to a concentrator and they then can use Remote Desktop to gain access to a remote machine. No FTP, cut/paste etc.

plodder

plodder wrote: »

I'm amazed that companies allow employees to use personal laptops as the general policy. If there weren't enough laptops to go around when lockdown started, why didn't they send people's desktop PCs home then? The employer doesn't have a leg to stand on here, if it's as reported.

I was using my own device up till 3 months ago. Its not so unusual.

doc22

SouthWesterly wrote: »

I was using my own device up till months ago. Its not so unusual.

What caused the change? did you ask?

Bigmac1euro

Lots of companies let you login from personal computers using Citrix. We have an RSA token code and a gateway which allows us onto our cloud. The cloud is in a container, though the computer I’m using to logon has no communication but acts as window onto the cloud work environment. It’s fairly secure but a malicious virus that screen records might be an issue for some sensitive documents though there is no way they can pull data off the work servers unless they go to the office or stop by the data centre in west Dublin or install something to our Laptops with VPN. Our laptops with VPNs which most users are on and I can tell you these are far more dodgy than the home laptops using Citrix and rsa token.

ted1

lawred2 wrote: »

Me for one and all my colleagues

Have you asked your employer got hardware or told them you don’t have hardware ?

We all got sent your new corporate laptops and/or thin client laptops

ted1

DubInMeath wrote: »

They use thin clients so would have to ship everything to the users, so not as easy as just shipping out a laptop.

It is just as easy , we were sent mobile thin clients. https://www.google.ie/amp/s/www.storagereview.com/review/dell-wyse-5470-mobile-thin-client-review%3famp


All mobile devices were enrolled in Microsoft Intune and we all hot migrated to office 365

Swindled

JimmyVik wrote: »

Most people working from home now are not doing so via company equipment.

Not the case in a lot of the public service, some had employer laptops anyway, many had not. Not saying she works in the PS by the way.

Swindled

JimmyVik wrote: »

I have many tens of thousands of hours experience in the business with a hell of a lot of external companies. This is my experience.

Its a fact.
Does it even matter though tbh?

I don't know what area of IT you work in, but it's certainly not the norm where anything financial is involved, and pretty stupid if it is.

Swindled

JustAThought wrote: »

Can she head off to Currys and buy an old fashioned external hard drive -NOT the type linked to the cloud automatically the older versions - and move all her family and other files to that. Then delete all that stuff off her PC.

- Print out all her emails - past performance reviews, HR training , policies and protocols, and evrything to do with her questions and instructions on working from home. Thats of her manager hasn’t reatricted her or moved it already. This is for her to have for the disciplinary meeting/ workplace unfair dismissal claim

- Everything by email but bcx to her private account now - again - she is laying the groundwork for a DH & defence

To be seen to be helpful she could offer for someone from IT to come to her house at a prearranged time to view the security on her PC - obviously as her child needs it for school/projects EVERY DAY and both she and her husband need it for family and personal reasons ( communicating with teachers, apps for ordering groceries, personal family photos, medical information etc) the family cannot be left without it but if IT want to come & check the security/ update antivirus on it then she is happy to facilitate them without disadvantagimg or impairing her childs learning & schoolwork...

If you see where this is going.

It all revolves around policy - what was instructed, what was given as reaources, were there sudden late night urgent email requests that she facilitated on her home pc for speed/ to facilitate urgent demands/ were her RFI ignored or assumptions made - etc etc

Boss might be just following internal protocol to cover his ass with clients -so he can say investigation underway, staff member put on suspension, all devices siezed & investigated/wiped etc - she might have nothing to fear - remember KPMG & others can forensically recover data from harddrives. I’ve used it myself for cctv wiped in court cases. Frightening when you think about it - as Nixon found out in the 60’s the hard way.

They have no more right to your personal laptop / pc than they have to searching your house. Handing them a laptop with wiped HD/SDD is just codology, unless you really know what you are doing any Cyber security section worth their salt could recover a lot of it. Handing them a laptop with a new HD/SDD is just the same, they'll be even more interested in the in what you are "hiding". Either they provide laptops / pc's for home use, or they run the higher risk.

NickNickleby

NickNickleby wrote: »

Excellent point, (and it hadn't occurred to me, and there's me laying people off all over the place:eek::pac:)

AndrewJRenko wrote: »

Lots of people don't have physical space for a desktop. It's not the kind of thing you want to be unplugging and reconnecting on the kitchen table every day.

It might seem contradictory that I thanked your post, but yes that is a real consideration. But.....

If my employer said "hey Nick its PUP or Citrix client on your own personal pc and I don't care how awkward that is" or "hey Nick its PUP or bring your desktop home and work away from home" I'd bite his hand off. As would most people - if given such a stark choice.

I don't know anyone who has raised any issues with WFH, aside from them missing the camaraderie of the office. Crowded buses and traffic jams and queuing at the bus stop is not missed at all.

Caveat: I'm now retired and my bus pass is gathering dust, so naturally I'm speaking hypothetically .

When I did occasionally work from home, my laptop was set up on a 40x40cm folding desk squashed in the corner of the bedroom. Despite the severe lack of comfort, I loved it. Far more productive with no constant interruptions from managers "have you got a second?" and no 14km cycle to work in the rain.


All off topic and apologies , but I like to add context to my posting (well, sometimes)

gmisk

clog wrote: »

Have you any evidence for this statement?

Anyone I know working from home is using work supplied IT equipment.

I would say majority are working from home on work laptop, but I'd say a decent cohort using their own.
We have maybe 30 in an org of 800, but this number has been wittled down gradually

AndrewJRenko

NickNickleby wrote: »

It might seem contradictory that I thanked your post, but yes that is a real consideration. But.....

If my employer said "hey Nick its PUP or Citrix client on your own personal pc and I don't care how awkward that is" or "hey Nick its PUP or bring your desktop home and work away from home" I'd bite his hand off. As would most people - if given such a stark choice.

I don't know anyone who has raised any issues with WFH, aside from them missing the camaraderie of the office. Crowded buses and traffic jams and queuing at the bus stop is not missed at all.

Caveat: I'm now retired and my bus pass is gathering dust, so naturally I'm speaking hypothetically .

When I did occasionally work from home, my laptop was set up on a 40x40cm folding desk squashed in the corner of the bedroom. Despite the severe lack of comfort, I loved it. Far more productive with no constant interruptions from managers "have you got a second?" and no 14km cycle to work in the rain.


All off topic and apologies , but I like to add context to my posting (well, sometimes)

There's a few threads here, broadly indicating that while a substantial majority agree with you and love the WFH stuff, there are a minority of people for whom it doesn't work at all. Any employer presenting a choice of a desktop or PUP would probably find themselves facing a constructive dismissal claim.

NickNickleby

AndrewJRenko wrote: »

There's a few threads here, broadly indicating that while a substantial majority agree with you and love the WFH stuff, there are a minority of people for whom it doesn't work at all. Any employer presenting a choice of a desktop or PUP would probably find themselves facing a constructive dismissal claim.

I'm pretty sure they wouldn't be so naïve, as to present the option in terms that could lead to litigation. But it could be a reality for some businesses that if employees can't or won't work from home (during Covid restrictions), then they could find their business compromised. Nobody wins then.

mrjoneill

JimmyVik wrote: »

To be fair I dont think she did anything differently to what anybody else would do when working from home.
But personally, I would never hand my laptop to anyone, for any reason.
Just think of all the information that could be taken from your laptop about you.

I also think she is safe enough in her job, just dont know how the employer will react if she says they are not getting her laptop.


I think i'll tell her to say she took a sledge hammer to it and it is now in a million pieces at the dump.

Her laptop is her personal property and its contents. Can't see why the employer is yielding a sledge when there may not be even a nut to crack. Wondering has not only the employee the right to defend her position but go after them for defamation.

AndrewJRenko

NickNickleby wrote: »

I'm pretty sure they wouldn't be so naïve, as to present the option in terms that could lead to litigation. But it could be a reality for some businesses that if employees can't or won't work from home (during Covid restrictions), then they could find their business compromised. Nobody wins then.

The first step is for the employer to provide suitable equipment. If the employee is kind enough to give over their bedroom or kitchen table to the employer free of charge, it is the least the employer can do to give decent equipment, such as a laptop and not a desktop.

Eire Go Brach

Very surprised so many use their own equipment. I think it's pure madness.

I work in IT and we would fight this nail and tooth if it was requested by a senior manager.
If we where told to do it. We would be requesting waivers plus highlight that we can't support this security wise under any circumstance.

If anybody is using their own equipment I would suggest you look at your contract. Get onto HR Monday and make sure your not liable for any security breach.

OP I would say that employee is safe. I would be demanding full pay. If suspended. She done nothing wrong. IT can look at your emails if they need to anyway.
I would not be providing my laptop. Get on to a solicitor as well.

NickNickleby

AndrewJRenko wrote: »

The first step is for the employer to provide suitable equipment. If the employee is kind enough to give over their bedroom or kitchen table to the employer free of charge, it is the least the employer can do to give decent equipment, such as a laptop and not a desktop.

In the main, I agree with this. But I'm making all my posts in the context of current Covid-19 impositions on all of us, with many SME's being thrust into a situation for which they are ill prepared and possibly lack the funds to ramp up their infrastructure. I'm also aware that some employers will take advantage of situations without proper consideration for their employees, hopefully they're in a tiny minority. I know people who have taken unpalatable decisions to protect each other (pay cuts rather than redundancies in a small business), with the hope and promise of returning to normal when the situation improves.

I'm sure most of us would do whatever we could, to aid our employer if their business (and consequently our livelihoods) were in jeopardy.

Beechwoodspark

This whole situation sounds very odd...don’t think the full story is being given...

doc22

doc22 wrote: »

What caused the change? did you ask?

Civil service. Didn't bother asking.

Calhoun

JimmyVik wrote: »

This is a bit of a long story but I will shorten it as best I can. Maybe someone can offer some advice.

Someone I know was working from home, logging into her work network via citrix.
So the shortened version of the story is ..
A hacker has emailed a video to her containing videos and screenshots of very sensitive data that she was working on. She thinks they have been recording this stuff for months based on what she was working on.
They have demanded €5000 to not show it to her employer.

So, good employee that she is, she sent this demand on to her boss and also the videos. She still does not know how they got this stuff (obviously some software that installed on her home pc recording screen and key presses etc), but she has basically been put on leave pending disciplinary action and she is afraid they may go further.

There were other threats from the hackers too that I wont go into here, as they are nothing to do with her job.

Anyone know what she can do here?
Ive told her to have her laptop wiped for a start and start as a fresh one.
But she is more concerned that her employer may fire her or even stop paying her for a while until they let her back to work.
This is obviously going to cost the employer a lot and they have to go to all clients where data may have been compromised and come clean too, so understandably they are pissed, but working in IT myself, I know for a fact that this could happen to anyone at any time, especially when using home equipment.

Oh and her employer wants her personal laptop too to examine. Obviously she has stuff on this she doesnt want her employer (or anyone else) digging into as well.

I would say regardless of what she does he job is at risk, i would be using this opportunity right now to document as much as she possibly can to protect from unfair dismissal.

An employer who is too cheap to provide the proper equipment to work from home and has no IT infrastructure is going to look for a scapegoat. My industry is in tech/manufacturing and sales for certain product have been through the roof allot of industries paid for their employees to work from home.

Simply put if you dont invest in the infrastructure to keep things secure you only have the company to blame for crap like this.

jimmycrackcorm

My employer has tens of thousands of employees wfh using VMware horizon on our own equipment. In the office we don't even have PCs, just a terminal box.

We were already operating a hybrid model prior to the pandemic so were geared up for remote access. In fact the RSA token was the very first thing I received before a desk was even allocated.

AFAIR, it only runs as long as you have antivirus or defender active and working.

Calhoun

jimmycrackcorm wrote: »

My employer has tens of thousands of employees wfh using VMware horizon on our own equipment. In the office we don't even have PCs, just a terminal box.

We were already operating a hybrid model prior to the pandemic so were geared up for remote access. In fact the RSA token was the very first thing I received before a desk was even allocated.

AFAIR, it only runs as long as you have antivirus or defender active and working.

This is the other way of doing it due to how your business operates. Even though your using your own equipment the fact you have the VPN tokens ect and security measures is what matters.

If none of that is in place and you dont do training on this stuff then it has to come down to the employer.

Very interesting to hear about the setup you have, at one stage thats how i imagined the industry would have went in terms of computing. It probably still is but the WFH element has added the need to keep dedicated full system hardware around.

athlone573

If I read the OP correctly, they were let log in from a laptop they shared with their husband/kids/dog?

The employer was a bit stupid to allow this,as was the employee for going along with it, it would be harsh to go down the disciplinary route unless there are very clear policies that the employee signed up to.

StringerBell

I feel luckier now with the level of IT security I experience in my own firm then.

We deal with a lot of sensitive information both financial and personal and it would be a national at minimum scandal if something were to go wrong.

We are given all our own equipment and not supposed to use personal laptops for anything, though I do suspect some of my colleagues have been using personal computers over the past 18 months I do think if something goes wrong it would be on them as the employer has provided everything we need and we have clear instructions on how to treat sensitive data and what we can and cannot do down to not shutting the laptop off fully when closing out of work for breaks, or end of day.

I'm not shocked to hear how lax some company's would be with sensitive data but it is a ticking time bomb I reckon

The DayDream

I would simply run away and start a new life if this Black Mirror type ish happened to me.

Or at least make it appear I did. If it was my personal laptop, I would wipe it and sell it in CEX or somewhere, with the explanation I was afraid I was about to get fired and would need the money to get by. She's well within her rights to do that, and if the employer wants the wiped laptop they can go ahead and buy it used from CEX if they want it. If there is any blowback about it being wiped, sorry, CEX must have done it as they do before they sell things on.

Then I get a new phone with dual sim and two new sims with new phone numbers. One number I would give to my employer with the explanation that I felt it was necessary in case my phone was hacked as well as my laptop. I'd tell my boss I'm going to stay in Leitrim at my grandparents farm which has no internet and only phone coverage is in the 2nd floor bathroom, and I'll return when my leave from work is over.

I would have this number set to go straight to voicemail and no one else would have it. Voicemails and texts would be checked/answered once in the morning and once in evening - sorry boss that's the only times Im on the crapper. The other number would be my new number for personal use and my boss would not get it. Let the hackers do their worst, don't engage with them or anyone and just let it either blow over or let my solicitor invite my employer to get hauled over the coals in court for their awful practices that compromised the company data and my mental health, finances and personal relationships.

gogo

There is clearly more to this story... it’s digressed into a debate about working from home using personal equipment but the crux here is she was hacked, plain and simple .could happen to the best of us, even the HSE..
I work from home when I can, have full equipment from work but had I have been using my own laptop and it got hacked, I’d have no problem handing it over, what have I got to hide really? A out of control shopping addiction and an unusual habit of searching random things at 2am in the morning.. how tall was Jesus anyone?
If she has an only fans account or dubious amts of pron to hide, she may just suck it up... first response here was that’s it only half the story and then OP concurred ... I’m sure whom ever is going to investigate will garner the same response fairly quickly. Going in with a wiped/new hard drive screams some sort of complicity in what happened.
Taking the moral high ground and dumping her laptop isn’t in anyway helpful to allow a proper investigation, 100% agree company messed up here not her, but why not just co operate, I’m sure her boss is in damage control mode and won’t give a fiddlers about what’s on her laptop, unless it’s dodgy websites and if it is, then she’s a dope for mixing work with pleasure anyway... but again has a strong case, if she received no training on wfh/security etc etc nor received any secured equipment.. in the long run she can be fairly confident she will be fine... just has to ride it out.
To be fair, if it was me I’d still be hiding under my bed now, but at the same time I’d reconsider what a crap position I’ve left my company (and they put me in...) but I’d be doing my upmost to assist where I could.. if it came to disciplinary action .. I’d fight it when it arises, but not co operating is not a good place to start. Just my 2C