Story image

Protect your data at all costs, if this latest scandal is anything to go by

17 Jan 17

Protect your data at all costs, if this latest scandal is anything to go by.

That’s the takeaway lesson from a recent news item appearing on the Sydney Morning Herald website this morning, detailing how a naughty former employee exported her company’s entire customer database before she exited the door.

According to an article by Jessica Sier, online fashion e-retailer Showpo is suing Black Swallow, a similar e-commerce business, which Showpo claims has used the database to market itself as an affiliate of Showpo.

The article says former Showpo employee Melissa Aroutunian exported the 306,000-strong customer database before she left the company, and passed it on to Black Swallow.

Rebecca Bradburne, head of Asia Pacific & Japan, BlackBerry Workspaces, says data theft cases like this one are not the rare.

“The security breach suffered by e-retailer, Showpo is unfortunately not an isolated incident, and companies need to start recognising the danger that comes from within,” Bradburne explains.

“In our conversations we see that businesses have put systems in place to protect data inside an organisation, but as soon as data leaves the four walls they are powerless to stop a breach,” she says.

“This makes them a sitting duck to attacks.”

The data allegedly stolen by Aroutunian included contact information of customers, contacts, buyers, suppliers, associates, competition entrants, web users and subscribers.

Author Sier writes, “MailChimp, which manages the email direct mail (EDM), has provided activity history that allegedly shows at 9.33pm on September 6, Ms Aroutunian's password was used to access the client contact list which was then exported to her home IP address.”

Black Swallow denies the allegations.

“Security is more than just IT and passwords – it needs to be viewed holistically by businesses,” says Bradburne.

“Without both a robust security policy and the right technology in place, these kind of high profile breaches will become more and more common.”

Bradburne says now is the time for businesses to get smarter about the technology they use and the policies they have in place.

“BlackBerry Workspaces (formerly known as Watchdox by BlackBerry) gives organisations the ability to maintain control over all corporate information in all circumstances,” she says.

“Used by organisations globally including Parliamentary Services of New Zealand, BlackBerry Workspaces allows companies to revoke access to data at any point, thus protecting information when it leaves the organisation,” says Bradburne.

“By implementing these type of technologies, Showpo could have avoided a breach and the implications it will have on the organisation’s reputation.”

Using blockchain to ensure regulatory compliance
“Data privacy regulations such as the GDPR require you to put better safeguards in place to protect customer data, and to prove you’ve done it."
A10 aims to secure Kubernetes container environments
The solution aims to provide teams deploying microservices applications with an automated way to integrate enterprise-grade security with comprehensive application visibility and analytics.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
One Identity a Visionary in Magic Quad for PAM
One Identity was recognised in the Gartner Magic Quadrant for Privileged Access Management for completeness of vision and ability to execute.
How to keep network infrastructure secure and available
Two OVH executives have weighed in on how network infrastructure and the challenges in that space will be evolving in the coming year.
Gartner names newcomer Exabeam a leader in SIEM
The vendor landscape for SIEM is evolving, with recent entrants bringing technologies optimised for analytics use cases.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.