Sage Group Hit By Insider Data Breach
Sage Group, an accounting and payroll software firm based in the UK, recently suffered from an insider data breach. Due to a lack of fortified security practices, a Sage employee was able to log in and override the firm's internal database, leaking critical data. This cyberattack is said to have compromised the personal details and bank account information of employees at nearly 300 businesses in the UK. In the days following the attack, the City of London confirmed that a 32-year old female connected to Sage was apprehended at the Heathrow Airport prior to boarding her flight, and arrested for the high-profile criminal act.
This internal attack underlines the importance of addressing internal (and external) cyber threats. It has been predicted that 80% of cyber crimes are preventable if individuals and businesses follow simple advice. Sage's data breach could have been easily mitigated or avoided altogether if stronger security controls were in place. If the UK's Information Commissioner's Office decides that Sage has been negligent in their security practices, there are a number of actions the Information Commissioner's Office could take, including criminal prosecution, non-criminal enforcement, or undergoing a company audit. Businesses of every size can take these initial steps toward avoiding an internal breach:
- Have a strong password
- Change your password often
- Use multi-factor authentication
Data breaches are on the rise across the globe, and the damaging effects can be lasting. LinkedIn, a popular career-oriented social networking service, suffered from a major data breach in 2012 and is still in recovery. We recommend taking your internal security processes even further with a multi-layered approach. There are affordable tools and services available to businesses of all sizes that can and should be implemented. For example, Microsoft's Enterprise Mobility Suite provides comprehensive tools for your IT team to conduct regular patching and security updates, implement multi-factor authentication, protect information from unauthorized access - internal and external, and enforce policies to improve data security.
For more information on how we can help you boost your business's security posture, contact us.
With more than two decades of experience, the iCorps team is dedicated to delivering excellence to our customers by staying ahead of market trends and understanding new technologies that could impact their business. iCorps delivers superior IT solutions implemented by the best IT consultants in the greater Northeast region of the United States.
Photo credit: Sage