Everything You Need to Know About Insider Data Breach

  • By David Lukic
  • Published: Aug 25, 2020
  • Last Updated: Sep 23, 2022

Data breaches are on the news frequently, but the average person doesn’t really know that much about what they are and how they happen. Data breaches can occur in a variety of ways, but perhaps the most disturbing is an insider data breach. Companies spend millions on securing their own personal trade secrets and company data, customer accounts, and private details only to find that an insider has broken their confidence and stolen it or sold it for personal gain. 

What is Insider Data Breach?

To put it mildly, insider data breach is when a person who works for a company or used to work for a company intentionally causes data theft. Diving a little deeper on the matter, a data breach is when a private company or customer information is stolen to use for identity theft, financial gain, or other purposes. In the case of an insider data breach, the theft is carried out by an employee, ex-employee, vendor, or other trusted source. For example, in the healthcare industry, roughly 58% of all data breaches occur because of an insider rather than an external source. Unfortunately, as companies increase their security from outside breaches, insider breaches are harder to detect and avoid. About 2,560 internal data breaches occur daily in the U.S. Not all insider cybersecurity threats are malicious. In some cases, it’s a matter of carelessness, innocent mistakes, or improper security protocols that result in a data breach. A typical company that suffers an inside attack loses $15 million per year, and sometimes that figure can balloon up to $1 billion. 

Are There Any Examples of Data Breaches Caused By Insiders?

Along with the everyday insider data breaches that no one ever hears about, there are a few infamous ones as well.

Insider data breach

Google Data Breach

Anthony Levandowski was a former Google employee working in their autonomous car department, now called Waymo. Before leaving Google, Levandowski copied and stole thousands of files, including blueprints. He left Google to start his own company Otto Motors which was soon after purchased by Uber. When the insider data breach was discovered, Google sued Uber, and they were forced to pay out $245 million.

Allen & Hoshall Data Breach

Allen & Hoshall had an eye-opening experience when their ex-employee Jason Needham left their company in 2013 to start his own company. The company later discovered that he had left an open door for himself, and for two years after departing, he continued to steal information worth $425,000. He hacked his way into a colleague’s email account and was caught when he submitted a bid that was “suspiciously similar to one from Allen & Hoshall” for an upcoming project. The FBI was called, and with their help, Needham was sentenced to 18 months in jail, plus he lost his engineering license to boot. 

Anthem Data Breach

In the case of the Anthem data breach in 2017, it was a trusted partner, LaunchPoint, who suffered the data breach and, in the process, dragged Anthem along with them. Customer data, including Medicare ID numbers, dates of enrollment, and other personal identification, was stolen when an employee emailed himself a copy of the file to his personal account. Lackluster security was to blame for this particular incident despite the fact that Anthem itself had beefed up theirs, they didn’t count on LaunchPoint’s security weaknesses. 

Target Data Breach

The 2014 Target’s data breach was again called an inside job because hackers found a weakness in a refrigerator contractor Fazio Mechanical. An employee of Fazio Mechanical clicked a link from an email and downloaded malware to his or her computer. After that, once they logged into Target, the criminals had all they needed to breach the system and install card scraper software into the pay terminals. That data breach affected 70 million people who lost names, addresses, phone numbers, email addresses, and credit card data. 

How to Protect Your Company Against Insider Threat and Corporate Data Theft

protect yourself from insider data breach

Preventing insider threats starts with education. First, put in place a solid process of educating your employees about IT security, best practices, password safety measures, and privacy protection so that accidental data breaches don’t occur. To secure against malicious insider threats:

  1. Identify your most sensitive data and secure it. 

  2. Have a strict policy about access and logins. If anyone’s information is compromised, close the door and change the credentials immediately.

  3. Disallow any shared access or re-used accounts or passwords. Force password reset each month. 

  4. Assign responsibility so that one employee oversees access to specific data. That way, you have accountability, and it is harder for someone to breach access and steal data without being caught.

  5. Have a zero-tolerance policy against suspicious activity or data breaches. Instruct all staff members on how it works and what the consequences will be.

  6. Install tracking software to monitor access to all sensitive data and protected areas of your network. 

  7. Perform an IT audit every month to track access and accountability.

Although you can never be 100% sure to prevent an insider data breach, following these measures will ensure you are much safer, and your data is better secured. 

About the Author
IDStrong Logo

Related Articles

Adult Friend Finder Hacked, 412 Million Accounts Exposed

Six databases that were owned by Friend Finder Networks, Inc. suffered a massive data breach in 20 ... Read More

What is Data Leak and How to Prevent Accidental Data Leakage

Data breaches take many forms, and one of them is through data leak and accidental web exposure. M ... Read More

The Saga of T-Mobile Data Breach: 2013, 2015, 2021 and 2023 Hacks

T-Mobile has experienced a number of data breaches in the past decade. The first case occurred som ... Read More

Anthem Data Breach Exposed 78 Million Records

In the Anthem Data Breach of 2015, hackers were able to steal 78.8 million member’s records. ... Read More

The NSA Hack, How Did it Happen?

The National Security Agency (NSA) was the main attraction in a major data breach involving three ... Read More

Latest Articles

What to Do if Your Credit Card is Lost or Stolen

What to Do if Your Credit Card is Lost or Stolen

Credit and debit cards have become the most prominent form of wealth access in the last decade. Once consumers pulled out thick wallets of cash—they now pull out thin clips of cards—if they bother using a card, not a watch or cellphone.

Credit Card CVV Number: Meaning and Security

Credit Card CVV Number: Meaning and Security

Inspect your credit card, and you'll likely find interesting—and crucial—elements of the plastic rectangle. The front might display the provider's name, a chip, some digits, or an entire card number; the back might hold much the same, along with a signature, when necessary, and a "valid thru [sic]" date.

The Meaning of Two-Factor Authentication (2FA): How to Turn On and Turn Off

The Meaning of Two-Factor Authentication (2FA): How to Turn On and Turn Off

Cyber attacks are a growing threat to all industries, nations, and people. They occur with increasing frequency, with the last year reporting 3,205 data compromises and over $12.5 billion in projected losses, according to the Federal Bureau of Investigation (FBI).

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Exposure Scan
Instantly and Securely Check if Your Personal Information is Exposed on the Dark Web or Sold by Data Brokers
Please enter first name
Please enter last name
Please select a state
Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address