One of the biggest worries of CEOs and CISOs is that an employee will access and sell customer data. The odds of an insider threat aren’t great – breach statistics compiled over a decade by Verizon show that about one-third of breaches of security controls are caused by staff – but it’s still there.
So the IT industry was surprised on Tuesday when international security vendor Trend Micro acknowledged that a staff member had gone rogue.
In a statement, the company said “some personal data of an isolated number of customers of our consumer product” had been sold by an unnamed staffer who managed to fraudulently “bypass our sophisticated controls.”
What the thief got was access to a customer support database that contained names, email addresses, Trend Micro support ticket numbers, and in some instances, telephone numbers. The information was sold to an unknown person or persons.
The company realized something was wrong in August when it was told some people using its home security solution had received scam calls by people impersonating Trend Micro support personnel. An investigation was started but it was only until the end of last month when it was able to find the culprit.
There are no indications that information such as financial or credit payment information was involved, or that any data from our business or government customers was improperly accessed, the company said.
Related story: Public Safety Canada issues guide to lowering insider threat
Based in Tokyo, Trend Micro sells around the world. There is no indication in the release which country or countries victims were located.
According to SecurityWeek, the company has determined less than one per cent of the 12 million customers using its consumer solutions were affected, which could mean thousands of people.
“If you have purchased our consumer product, you should know that Trend Micro will never call you unexpectedly,” the statement says. “If a support call is to be made, it will be scheduled in advance. If you receive an unexpected phone call claiming to be from Trend Micro, hang up and report the incident to Trend Micro support.”
While insider attacks aren’t as common as threats from outside the firewall, they can be just as deadly if not more because some employees know exactly where sensitive (and valuable) data is. In June, Quebec-based financial services giant Desjardins Group acknowledged an insider had stolen information on 2.7 million consumer and business customers of its credit union. Last week the company corrected that number, saying data on all of its 4.2 million consumer customers had been exfiltrated.
Related story: Trusted insiders are now the most serious threat