Sage data breach highlights the risk of the insider threat
Security

Sage data breach highlights the risk of the insider threat

A suspect in a recent data breach at Sage, a U.K. provider of business software, has been arrested. On Wednesday, police in London detained a company employee.

The 32-year-old woman was held for alleged fraud against the company, London City Police said. She has since been released on bail.

It’s still unclear what information, if any, may have been leaked. However, Sage, a supplier of accounting and payroll software, began notifying customers about the breach last week.

Between 200 and 300 business clients in the U.K. may have been affected. At the time, Sage said the breach had come from unauthorized access to internal login data.

Security firm the Antisocial Engineer has been in contact with Sage and said a company insider was the prime suspect.

Because Sage’s software handles payroll data, the company has information on their client’s employees, including addresses, insurance numbers, bank account details, the Antisocial Engineer said.

Sage didn’t immediately respond to comment about the arrest. But security experts say the breach underscores the danger of data theft from company insiders.

To protect their systems, companies need to reconsider offering employees unrestricted access to valuable data.

For instance, the access should be tied to individual accounts, said Chris Webber, security strategist at Centrify, an ID management software provider.

“This way you can revoke access simply and quickly, by user, when something goes awry,” he said in an email.

Companies can also consider monitoring their employees’ activities, when accessing sensitive resources, said Mimecast, a provider of business email and data security.

About 45 percent of companies say they are ill-equipped to handle malicious threats from insiders, it found in a recent study.

To ward off the danger, companies can install internal safeguards that can prevent employees from sending sensitive data to anyone outside the network, Mimecast said.

IDG Insider

PREVIOUS ARTICLE

«DRAM will live on as DDR5 memory is slated to reach computers in 2020

NEXT ARTICLE

MIT Media Lab sponsors hackathon pushing limits of VR and AR»
author_image
IDG Connect

IDG Connect tackles the tech stories that matter to you

Add Your Comment

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Should companies have Bitcoins on hand in preparation for a Ransomware attack?