Lawyers report steep rise in employee data theft cases


UK law firm EMW has reported a sharp rise in confidential data theft cases brought before the High Court.

The bulk of the cases involve information taken by employees from their places of work, with blame for the rise being put on the availability of cloud storage services, and also on increases in remote working.

2012 saw 167 cases involving confidential data theft at the High Court, up 58% from the 106 seen in 2011.

Although some reports have flagged a whopping 250% increase over the 45 recorded in 2010, that 2010 figure was a bit of an anomaly, sharply down on the 95 seen in the previous year.

Nevertheless, the general upward sweep over the last few years seems clear, and will be quite alarming for many businesses.

The bulk of the cases logged were civil cases brought by firms against former employees found to have taken company data, which might include anything from client and contact lists to financial info to technical product designs.

According to a report in the Telegraph, these cases rack up an average cost of £30,000 in legal costs, let alone the value of the lost data. This can be hard to put a price on, and is pretty impossible to "retrieve" once it has left company networks.

The availability of Dropbox and similar cloud storage services, which enable disgruntled staff to transfer huge amounts of data very rapidly with minimal preparation, is cited as a major factor in the spike.

Other commentators have emphasised the greater ease of stealing data thanks to the rise in remote working, and the remote access to company databases needed by homeworkers.

In the movies our data-exfiltrating hero has to crouch behind a desk, sweatily watching a progress bar tick towards completion on his USB stick copying, while footsteps thud ominously closer down the corridor. In reality, data can be copied or uploaded in comfort and safety from an armchair in front of the TV, with no risk of being observed, at least physically.

Of course, this sort of thing should be monitored by data leak protection (DLP) systems, and restricted by tight controls on who has access to sensitive data, especially remotely.

DLP controls can watch for specific files, file types or even tiny fragments of data crossing fixed boundaries, or can limit the amount of data that can be transferred from point to point in a given time period. Device control can prevent the use of removable media such as USB drives or CD burners, while web filtering can block access to cloud services which might be open to abuse.
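As an added illustration (not part of the original article), the volume-over-time control described above can be sketched as a sliding-window check over web proxy logs. The log format, watched domains, one-hour window and 500 MiB limit are all assumptions made for this example, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumptions for this example: domains, window and limit are illustrative.
CLOUD_STORAGE_DOMAINS = {"dropbox.com", "storage.example"}
WINDOW = timedelta(hours=1)
LIMIT_BYTES = 500 * 1024 * 1024  # 500 MiB per user per window

# Constructed proxy log lines: timestamp user method host bytes_sent
SAMPLE_LOG = """\
2013-03-01T19:02:11 alice POST www.dropbox.com 210000000
2013-03-01T19:10:40 bob POST intranet.example 900000000
2013-03-01T19:15:02 alice PUT dl.dropbox.com 200000000
2013-03-01T19:40:55 alice POST www.dropbox.com 180000000
2013-03-01T21:30:00 carol POST www.dropbox.com 300000000
2013-03-01T23:30:00 carol POST www.dropbox.com 300000000
not a log line
"""

def is_watched(host):
    """True if host is a watched domain or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in CLOUD_STORAGE_DOMAINS)

def parse(line):
    """Return (time, user, host, bytes) for upload lines, else None."""
    parts = line.split()
    if len(parts) != 5 or parts[2] not in ("POST", "PUT"):
        return None
    try:
        return datetime.fromisoformat(parts[0]), parts[1], parts[3], int(parts[4])
    except ValueError:  # malformed timestamp or byte count
        return None

def find_bulk_uploads(log_text):
    """Return (user, time, bytes_in_window) whenever a user exceeds the limit.

    Assumes log lines arrive in time order.
    """
    recent, totals, alerts = defaultdict(deque), defaultdict(int), []
    for when, user, host, size in filter(None, map(parse, log_text.splitlines())):
        if not is_watched(host):
            continue
        q = recent[user]
        q.append((when, size))
        totals[user] += size
        while q and when - q[0][0] > WINDOW:  # expire uploads older than the window
            totals[user] -= q.popleft()[1]
        if totals[user] > LIMIT_BYTES:
            alerts.append((user, when, totals[user]))
    return alerts
```

Matching on the registered domain and its subdomains, rather than a substring, keeps an unrelated host such as `notdropbox.com` from being counted.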

This sort of thing should deter most "disgruntled" (or simply avaricious) employees from making off with sensitive data, documents, or even whole databases.

It's not entirely clear whether the upturn seen in the EMW figures also reflects a failure to deploy or properly implement such technologies, allowing more data to be stolen, or in fact shows an improvement in their quality, ensuring more would-be data thieves are caught in the act and prosecuted.

Either way, it seems that employee data theft remains a problem which needs addressing. Data needs to be properly monitored and protected, whoever is working with it and whether it is inside company networks or being accessed by remote workers.

One approach might be to make sure you keep all your employees happy at all times, although that might prove impractical. On the other hand, the threat of heavy penalties for data theft doesn't have a 100% success rate either.


Image of tea-leaf having it away on his toes with a giant USB stick courtesy of Shutterstock.


One Response to Lawyers report steep rise in employee data theft cases

  1. While cloud storage and remote access are issues, I think another factor responsible for the uptick is actually the awareness of the problem, and companies beginning to implement processes to actually detect data leakage in the first place.

    Data leakage has always been an issue, but third parties using botnets to trawl for PII is something new, as is publishing leaked data for public viewing. It used to be that if your corporate data leaked (which it invariably did), only a few would ever know, and few companies (especially in the SMB market) had any safeguards in place to detect data moving offsite, let alone prevent it.

    Nowadays, at least casual leaking can be monitored via relatively inexpensive DLP solutions that can be monitored and managed without the need for a dedicated information security staff.


About the author

John Hawes is Chief of Operations at Virus Bulletin, running independent anti-malware testing there since 2006. With over a decade of experience testing security products, John was elected to the board of directors of the Anti-Malware Testing Standards Organisation (AMTSO) in 2011.