Two former T-Mobile employees who stole and illegally sold customer data from the company in 2008 have been ordered to pay a total of £73,700 in fines and confiscation costs, as part of a hearing at Chester Crown Courts.
Mark Fullbrook, UK and Ireland director at Cyber-Ark Software, has made the following comments: “When this story first surfaced, it was a strong reminder of the insider threat that organisations across the country face. It’s good to see this case concluded, and finally see these two individuals given a financial penalty. It should send a strong message to others in similar positions that have considered abusing their privileged access.
“However, the insider threat remains strong today. Indeed recent Cyber-Ark research, found that 44% of IT staff in EMEA admitted to accessing data that was irrelevant to their jobs, and 31% of those surveyed said that they, or one of their colleagues, had used an admin password to get to confidential or sensitive information.
“Data is the most valuable asset for so many organisations, so leaving the door to it unguarded is an unnecessary and avoidable mistake. Clearly, if companies are to mitigate this prevalent risk – and therefore avoid damaging and costly incidents such as that experienced by T-Mobile – then they must look to manage, secure and record all privileged activities throughout the business as a matter of course."