Data breaches are on the news frequently, but the average person doesn’t really know that much about what they are and how they happen. Data breaches can occur in a variety of ways, but perhaps the most disturbing is an insider data breach. Companies spend millions on securing their own personal trade secrets and company data, customer accounts, and private details only to find that an insider has broken their confidence and stolen it or sold it for personal gain.
What is Insider Data Breach?
To put it mildly, insider data breach is when a person who works for a company or used to work for a company intentionally causes data theft. Diving a little deeper on the matter, a data breach is when a private company or customer information is stolen to use for identity theft, financial gain, or other purposes. In the case of an insider data breach, the theft is carried out by an employee, ex-employee, vendor, or other trusted source. For example, in the healthcare industry, roughly 58% of all data breaches occur because of an insider rather than an external source. Unfortunately, as companies increase their security from outside breaches, insider breaches are harder to detect and avoid. About 2,560 internal data breaches occur daily in the U.S. Not all insider data breaches are malicious. In some cases, it’s a matter of carelessness, innocent mistakes, or improper security protocols that result in a data breach. A typical company that suffers an inside attack loses $15 million per year, and sometimes that figure can balloon up to $1 billion.
Are There Any Examples of Data Breaches Caused By Insiders?
Along with the everyday insider data breaches that no one ever hears about, there are a few infamous ones as well.
Google Data Breach
Anthony Levandowski was a former Google employee working in their autonomous car department, now called Waymo. Before leaving Google, Levandowski copied and stole thousands of files, including blueprints. He left Google to start his own company Otto Motors which was soon after purchased by Uber. When the insider data breach was discovered, Google sued Uber, and they were forced to pay out $245 million.
Allen & Hoshall Data Breach
Allen & Hoshall had an eye-opening experience when their ex-employee Jason Needham left their company in 2013 to start his own company. The company later discovered that he had left an open door for himself, and for two years after departing, he continued to steal information worth $425,000. He hacked his way into a colleague’s email account and was caught when he submitted a bid that was “suspiciously similar to one from Allen & Hoshall” for an upcoming project. The FBI was called, and with their help, Needham was sentenced to 18 months in jail, plus he lost his engineering license to boot.
Anthem Data Breach
In the case of the Anthem data breach in 2017, it was a trusted partner, LaunchPoint, who suffered the data breach and, in the process, dragged Anthem along with them. Customer data, including Medicare ID numbers, dates of enrollment, and other personal identification, was stolen when an employee emailed himself a copy of the file to his personal account. Lackluster security was to blame for this particular incident despite the fact that Anthem itself had beefed up theirs, they didn’t count on LaunchPoint’s security weaknesses.
Target Data Breach
The 2014 Target’s data breach was again called an inside job because hackers found a weakness in a refrigerator contractor Fazio Mechanical. An employee of Fazio Mechanical clicked a link from an email and downloaded malware to his or her computer. After that, once they logged into Target, the criminals had all they needed to breach the system and install card scraper software into the pay terminals. That data breach affected 70 million people who lost names, addresses, phone numbers, email addresses, and credit card data.
How to Protect Your Company Against Insider Threat and Corporate Data Theft
Data breach prevention starts with education. First, put in place a solid process of educating your employees about IT security, best practices, password safety measures, and privacy protection so that accidental data breaches don’t occur. To secure against malicious insider attacks:
Identify your most sensitive data and secure it.
Have a strict policy about access and logins. If anyone’s information is compromised, close the door and change the credentials immediately.
Disallow any shared access or re-used accounts or passwords. Force password reset each month.
Assign responsibility so that one employee oversees access to specific data. That way, you have accountability, and it is harder for someone to breach access and steal data without being caught.
Have a zero-tolerance policy against suspicious activity or data breaches. Instruct all staff members on how it works and what the consequences will be.
Install tracking software to monitor access to all sensitive data and protected areas of your network.
Perform an IT audit every month to track access and accountability.
Although you can never be 100% sure to prevent an insider data breach, following these measures will ensure you are much safer, and your data is better secured.