The Verizon data breach that exposed 63,000 employees is a reminder of how a simple mistake can have costly implications


Verizon recently suffered a data breach in which employee records were compromised by an insider threat, reiterating the need for good internal security practices, according to experts. 

Over 63,000 employees were affected by the breach, which is estimated to have occurred in September 2023, according to Verizon’s submission to the Maine attorney general. It took until December for the company to discover the breach.

Verizon has since drafted a letter to those affected, detailing the efforts it has undertaken to conduct a review of the breach.

The telecoms giant concluded that exposed data could include name, address, social security number, national identity, gender, union affiliation, date of birth, and compensation information. 

The breach is a combination of “insider wrongdoing” and “inadvertent disclosure,” caused when an employee “obtained a file” containing personal information without proper authorization.

Though there is reportedly “no evidence that this information has been misused or shared outside of Verizon,” the breach draws attention to the ease with which a mistake can be made. 

“This is about as innocuous as an ‘insider threat breach’ gets,” Roger Grimes, data-driven evangelist at KnowBe4, told ITPro.

“I will say that this is a testament to the monitoring that Verizon is doing to have even noticed,” he added. “This is far from rare. What is different is that Verizon and many other companies are now looking for and monitoring these types of situations, and alerting impacted potential victims, if any.”

Insider threat vulnerabilities are rampant: over half of all data breaches in the legal sector last year were caused by staff members, and many are entirely accidental.

This makes them hard to detect, as the breached data is rarely used for malicious purposes.

Though accidental breaches may not do the damage of a deliberate, malicious attack, the consequences are still an issue. In this case, Verizon has had to pursue a costly response for the affected employees.

Verizon expressed how seriously it takes its “obligation to safeguard personal information” and is offering a number of compensatory services to victims, including identity protection and credit monitoring services to protect against fraud.

What companies can do to mitigate against insider threats

Insider threats constitute a blind spot for many companies, but although they may be difficult to spot, there are a few ways in which companies can mitigate against them.

“Insider threats are harder to discover and neutralize since they originate from within the organization's trusted perimeter, unlike external threats,” said Erfan Shadabi, cyber security expert at Comforte AG.

“Timely detection can significantly mitigate the impact of breaches and reduce the likelihood of prolonged exposure of sensitive data,” he added. “Organizations, furthermore, must prioritize investments in staff training and awareness programs to educate employees about the importance of cybersecurity best practices.” 

Insider threat actors are, by definition, acting within the confines of a particular company. Training is therefore one of the most effective forms of mitigation, especially in relation to accidental breaches.

“Additionally, deploying data-centric security measures, such as tokenization, encryption, and access controls, can help mitigate the risk of unauthorized access and protect sensitive information from insider abuse or external exploitation,” Shadabi said.

George Fitzmaurice
Staff Writer