Further to the announcement at the weekend, UK accounting software firm Sage have confirmed details on the breach of 280 accounts to the public. Alarm bells were raised by TheAntiSocialEngineer on Saturday 13th August.
On Wednesday evening, a 32 year old female Sage employee was arrested by the City of London police at Heathrow Airport on suspicion of conspiracy to defraud and has been released on bail.
We can see similarities between the mismanagement of this data breach compared to that of the TalkTalk’s data breach of 2015. While TalkTalk rushed to the media with information which was damaging, Sage seems to be delaying vital information, there might be good reason for this but thousands of employees have the right to know where their payroll data is at this moment in time.
Cyber Security Moving Forward
If we are ever going to make any progress within information security and maintaining confidentiality of data, we must start by taking the issue seriously. Our mindset needs to change in the way companies report data breaches, removing the taboo and nurturing employees to eradicate the risk of insider threats.
Time and time again we hear about the importance of recognising the human factor when it comes to information security but we never hear about the simple solution being education.
Cyber Security Training is Important
Bob’s Business Ltd was created to help employees understand the risks in cyber security and to keep organisations secure.
Training mitigates against bad habits and reinforces the key security messages that every organisation in the UK, regardless of size, should be educating their staff on. It’s so much more than what people think, training can really change a person’s opinions to crime and endorse strong ethics at work.
Businesses must be sure that all their employees are aware of and understand the Data Protection Act, more so they use this as a basis to define their own ethical behavior. This will provide them with a structure on how to request for, handle and dispose of information in a sensible manner outlined in Bob’s Business Carefully Classified module. Tailoring education around policies will ensure that all employees are aware of the content included and the standards expected by the organisation.
Businesses can also implement systems which ensure that only authorised personnel can access highly confidential information with detection in place if any of this data is copied.
If you have been affected by this, the Bob’s Business module on Identity Theft provides useful information to prevent further frauds and helps people not become victims to the potential malicious activity that could be caused from this data breach.
Bob’s Identity Fraud Tips
– Allow report suspicious activity in private accounts
– Check credit reports, bank and credit card statements regularly to ensure there are no anomalies.
– Remember to shred documents containing personal or confidential information before disposing of them.