My brother started working for a new employer in January. He’s a developer and that’s why he got a laptop from the company. Two weeks later he and three other work colleagues started a conversation. They talked about Bitcoin and what their opinion is about it. My brother also owned Bitcoin at the time but didn’t tell anyone. A week after that conversation, his bitcoins were stolen from him. They got access to his broker account and to his e-mail account in order to confirm the transaction on another wallet. Well we were shocked and we figured that we could never find out who it was. He also hadn’t turned on the 2-fa. After that nothing happen for a long time. On this Monday he had logged in to Skype with the companys laptop and through their network and talked to his colleague. On the same day a stranger logged into his Microsoft account and to his Github account and pushed codes on his repository. Well, we think someone in the company is that hacker. I have to mention here that my brother has also logged into the broker’s website via their network and with the companys laptop. Well what can he do to prevent this? He already activated 2fa in all possible accounts but I guess he forgot his microsoft account. Can we set a trap in order to get the identity of the person who tries to log in? Can we do something?

(Password of his EMail account and his broker account were not the same)