On August 14, 2016 the BBC reported that personal details including bank account information for employees across 300 large UK companies may have been compromised as part of a data breach at Sage, a UK accountancy software group.
Sage released a press statement:
“We believe there has been some unauthorised access using an internal login to the data of a small number of our UK customers so we are working closely with the authorities to investigate the situation. Our customers are always our first priority so we are communicating directly with those who may be affected and giving guidance on measures they can take to protect their security…”
At this stage it is unclear whether any information has been stolen or simply viewed. The data that Sage is likely to hold on many UK companies and their staff will consist of personal details such as names, addresses, dates of birth, national insurance numbers, bank account details and salary information.
SureCloud security experts discussed the insider threat, meaning an employee. In many cases, breaches are caused by an employee who has access to key privileged information that may be considered beyond the remit of their role. Regular, detailed reviews of the appropriateness of access should be carried out, including for areas that contain information deemed sensitive. Company policy should require detailed logging to be turned on and the logs saved for analysis in the event of a data breach.
In some cases, account access can be legitimate. However, these credentials could be intercepted or harvested from the legitimate user through social engineering or phishing and later abused by an attacker. To help prevent these forms of attack, your employees should be trained to identify phishing emails and malicious phone calls.
This training will ensure that staff are aware of the necessity of creating and using strong passwords, which will help secure their details against password guessing and cracking.
Should you have any questions regarding this or any security related matter, please contact our security experts.