Another high-profile organisation fell victim to data loss this week, this time as a result of what appears to have been an internal breach. Wm Morrison, one of the UK’s most popular supermarket retailers, was forced to admit that the salary and bank account details of 100,000 of its staff were stolen and published online. As reported in the Telegraph (http://www.telegraph.co.uk/finance/newsbysector/retailandconsumer/10697659/Morrisons-woes-deepen-with-payroll-theft.html), it is understood that the payroll data was leaked from within the company and then published on the internet, where it remained for several hours until it was removed. A disc containing the data was also sent to a local newspaper in Bradford, where Morrisons is based.
In a statement, a spokesperson from Morrisons was quick to refute any suggestions of hacking, instead implying that the breach was an inside job and “not the result of an external penetration of our systems”. The company said it is now working with police to identify the person responsible but stressed that no customer data had been lost and that employees would not be left “financially disadvantaged”.
As an ‘insider threat’, the breach raises some serious questions as to how such sensitive HR data could be freely accessed. Were staff able to simply browse servers without having to enter a password?
With so many instances of external breaches resulting from DDoS or malware attacks, many organisations grossly underestimate the risks lurking within the company, concentrating instead on implementing firewalls and intrusion-detection systems to protect against external attack. But, as this latest breach shows, insider threats are every bit as damaging. This is why it is so important to have a solid internal data loss prevention strategy in place: staff access should be restricted and all data should be encrypted as standard. With a multi-layered approach to security, businesses will be better placed to identify suspicious activity before a breach can occur.