Stolen Staff Data Could be Your Biggest Security Risk

By:  |  Category: Blog Wednesday, October 23rd, 2019  |  No Comments

Your company was recently breached, but no customer information was stolen. Whew! That was a close call.

Does it mean you’re in the clear?

While it might mean you aren’t headed into a class action lawsuit similarly experienced by Equifax and Capital One, it still doesn’t mean you’re in for smooth sailing.

What about your staff data?

Zdnet explains “the threat of corporate email addresses and other employee data being stolen and exploited by cyber criminals is still not being taken seriously, despite the potential damage such a hacking incident could do.” Considering just how many targeted phishing campaigns reach corporate email inboxes on a daily basis, this is a rather shocking concept.

Teribum, a cybersecurity research company, recently analyzed how different businesses look at and approach security risks and found a large portion of them underestimate the danger of employee information leaked and sold on the dark web.

Referencing Teribum’s “Underrated Risks of Data Exposure” report, “just 11% of those surveyed believe corporate email addresses could be at high risk of exposure on the internet and even fewer believe social security numbers, names, bank accounts and payroll records of employees are the sorts of data that cyber criminals are interested in.”

How is staff data any different than customer data?

Employees are all still individuals with the same likelihood to be taken advantage of during a breach, they all still have finances they’d like to keep their own, and they would all like to avoid the casualties of identity theft. No one seeks to have their information stolen, “take me instead, I volunteer as tribute!” This is not the Hunger Games.

Exposed and compromised customer data can lead to a bad reputation and in some cases extreme financial distress, but should staff data be left in the cold?

It could potentially be a slippery slope to reach a businesses’ customer information.

VP of research as Terbium Labs, Emily Wilson, explains “Corporate employee data is the skeleton key to whatever you want in the organization.”

Employee email addresses lead to an increase in phishing attacks which could compromise your organization, leaving precious customer data wide in the open. It only takes one employee to click on a bad link, and 99% of email attacks rely on victims clicking those links.

Wilson says, “”It’s the data we use everyday: it’s not sexy, it’s just the data we rely on to run businesses and our everyday lives. It’s fundamental but people just seem to miss the connection there and cyber criminals love that.”

If you need help with IT Managed Services or Security Services give EnhancedTECH a call at 714-970-9330 or contact us at [email protected]



Image Source: https://unsplash.com/photos/6dW3xyQvcYE

Leave a Comment
Read previous post:
Could 3D Maps Lighten Congested LA traffic?

A light at the end of the tunnel for traffic in Los Angeles? Oh wait, those are just high-beam headlights...