Hello and thanks in advance,
I've reason to believe I've had hackers pick up documents from my laptop. Is there a way I can find out what they took i.e. did they just take those documents or have they copied the contents of my drive?
The reason I think I've been hacked is that people who should not have had those documents had them in paper format. My laptop was a possible source.
On 18th Jan our network practically ground to a halt. The Windows Event Log for that day reads three times in a row:
The system time was changed.
Security ID: LOCAL SERVICE
Account Name: LOCAL SERVICE
Account Domain: NT AUTHORITY
Logon ID: 0x3e5
On 19th Jan the network was back up to speed. The Event Log reads:
An attempt was made to register a security event source.
These log items do not appear on any other the other days. Am I wrong in deducing that I was hacked? If not, can I tell what they took?
Thank you for your time,