Insider Compromises 2 million Private Records
If you’re acquainted to endpoint security solutions and the threats they try to prevent, you have definitely heard of the inside threat. It refers to employees who breach security systems and compromise confidential data. Whether it criminal intent that drives them or ignorance, the effects on the company are the same: loss of money, trust, customers and quite a lot of hassle, all eventually leading to loosing more money.
There are dozens of examples and they such breaches keep happening. The latest has recently been reported by Countrywide Financial Corp. The FBI has just arrested one of their employees and his accomplice for stealing and subsequently selling private records on the company’s customers.
The breach is thought to have started three years ago. The employee in question used to copy batches of 2000 records containing sensitive details, such as social security numbers, and sell them to the competition. Those investigating what happened estimate the total number of affected customers to around 2 million. If you want more details on how it all happened, see the details in the LA Times.
In this specific case, the employee is thought to have acted knowingly. Yet he exploited a flaw in the company’s security. Had they monitored all the computers on their premises and make sure unauthorized data transfers to portable devices was denied, the whole breach would have been avoided.
The inside threat is real and can lead to significant damages. It’s not something to get paranoid about or fear, it’s something companies can easily monitor, preventing such data thefts.
