Leakage of a customer database


Back to blog list

Unauthorised access to customer databases

A security policy response attracted the attention of the risk managers responsible for monitoring to the abnormal activity of an employee who accessed the customer databases that include the information on individuals.
The program helped to establish that the specialist collected several customer databases and compiled them into one document. After he sent it to a colleague unauthorised to manage this kind of data.
The analysis allowed the risk management department to expose the collusion: the first employee was supposed to collect the data, and the other one – to sell it to a third party. 
Foreseeing the leakage of insider information, the risk managers used the employee monitoring system to encrypt the documents that the second specialist uploaded to a USB flash drive. This measure didn’t allow third parties to read the information. The company gathered the evidence of the violation and dismissed the criminals.

Collecting a number of customer databases when no corresponding tasks are given might appear an abnormal event for a monitoring system. A properly configured software can also track users who receive data they are not authorised to work with. A violator could have been detected while a suspicious activity was tracked - long before an encryption measure would take place.

Database Confidential documents

Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyberincidents.