The spy who tripped over a daisy

Here's a rarity. A data breach that occurred as a result of failed technology. It never happens.

Reports detailing Incidents of lost data, stolen information and identity theft cross my desk with unsettling regularity.

The similarities in each report are positively uncanny. Without knowing any detail I can recite the circumstances surrounding the event. Invariably it will involve motor vehicles, laptops, petrol stations and possibly, a subcontractor.

Here's the story. A subcontractor is filling the car with petrol and a laptop containing the financial details of half a million unwitting victims is stolen from the back seat. Petrol stations aren't always central to the tale as laptops can be stolen from the vehicles or homes of employees in charge of the company's most valuable data assets. But the stories are pretty much the same.

If Im sounding a tad suspicious then maybe I am. It wouldn't be the first time I've been accused of harbouring sinister thoughts.

But once the breach is exposed it is the statements released to the media that are just as incredible. Did I say incredible? I meant to say predictable.

The statements go like this. An investigation is undertaken by the company that lost the data. The company wants to make it very clear that the nondescript perpetrator with no distinguishing marks or features is just a common thief with no bad intentions.

The company is confident the theft of 250,000 credit card numbers was human error and the recipient of the data doesn't recognize its value. Therefore, the data will not be misused. It was all just a coincidence really when the subcontractor tripped over a daisy.

Here are the most recent breaches to land on my desk. Two US Navy laptops stolen from a locked vehicle. They haven't been recovered. A PC containing personal information on 36,000 US military veterans goes missing. Subcontractor is blamed and it didn't involve a petrol station.

A month earlier the personal details of 26.5 million people stolen from an employee's home. No signs of any motor vehicles in this particular case. My point? Beware of corporate espionage, there I said it. This is a topic very few will discuss but it is a reality.

I'm not implying that any of the cases I've mentioned involve any form of spying or hanky panky.

But there have been some major espionage cases recently that have received some media coverage. One involved Coca-Cola and Pepsi and another involved an automotive manufacturer, Metaldyne.

Once again it wasn't about technology, it was about the selling of information. Data protection has never been more important and needs to be taken seriously.

What hanky panky have you heard about? E-mail

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Sandra Rossi

Latest Videos

More videos

Blog Posts

Market Place