Insider security warning from Sage data breach

Insider security warning from Sage data breach

Companies should be careful of security risks from employees and ex-employees, following a data breach at global tech company Sage.

Sage Group said an internal login had been used to gain unauthorised access to the data of some of its British customers. The personal details of the employees of about 280 British companies were potentially exposed in the breach.

The announcement serves as a reminder to all companies that even the best security systems can be useless if passwords are exposed to unauthorised personnel.

Stay the right side of the Data Protection Act

Failing to change passwords when an employee leaves, or forgetting to turn off their access to web-based features, could mean disgruntled employees continue to access company data. This would also make the company liable under the Data Protection Act.

Sage, one of Britain’s largest technology companies, says it has more than 6 million small and medium-sized businesses using its software worldwide. A 32-year-old female Sage Group employee was arrested within two days of the breach, by police at Heathrow Airport, on suspicion of committing fraud.

Ryan O’Leary, Vice President of the Threat Research Centre at WhiteHat Security, told Computer Weekly, “It’s currently unclear what type of internal log-in was used in this data breach. If it turns out to be a log-in portal accessed only from the internal network, this could be a sign of an inside job.

“Data breaches of this kind highlight the importance of careful consideration around access privileges. Sometimes, the easiest way to mitigate an insider threat is to simply audit who has access to critical and sensitive data.”

Five things you can do to protect your data from internal weaknesses

  1. Ensure all access privileges for ex-employees are turned off.
  2. Run an audit of your data and the people who have access.
  3. Implement a cyber security policy, informing everyone of their responsibilities.
  4. Monitor access to data.
  5. Run regular training on data security and protection.

Leave a Comment