It has come to light that Ofcom, the media regulator, has suffered the largest data breach in its history after a former employee offered a significant amount of sensitive information about various TV companies to his new employer, a major broadcaster.
It has not yet emerged what the sensitive data contained, only that it could help give competitive advantage over rivals.
The Guardian reports that the regulatory body has now sent out a letter to TV companies with an Ofcom license to broadcast in the UK to explain the data breach.
'On 26 February we became aware of an incident involving the misuse of third-party data by a former Ofcom employee,' said a spokesman for Ofcom. 'This was a breach of the former employee’s statutory duty under the Communications Act and a breach of the contract with Ofcom.'
> See also: Twelve tips to combat insider threats
Ross Brewer, VP and MD of EMEA at security intelligence firm LogRhythm commented on the attack, pointing out that it's a perfect example of how a breach isn’t always a high-tech hack.
'Sometimes the culprit really can be someone who sits next to you at work, and not the anonymous, faceless, perpetrator that has become synonymous with modern-day cybercrime,' said Brewer. 'Companies need to be aware that when sensitive information is readily available amongst employees, there is the possibility for anyone to abuse their trusted position. Worryingly for Ofcom, this particular individual was able to download up to six years of information before leaving the company.'
Companies like Ofcom hold huge quantities of confidential data and this will no doubt be a big wake-up call for the communications regulator, and for other companies that hold hoards of sensitive information.
'A big problem is that many businesses use the majority of their resources fighting the external threat, often underestimating the impact that the insider threat can have. However, as Ofcom will likely discover, employees can pose a very real threat to a company’s reputation,' says Brewer.
'As well as having strict access control policies, it’s vital that businesses have full visibility of their network activity so they are aware of what is happening at all times. Indeed, by continuously monitoring the network, businesses can identify abnormal activity – such as downloading large batches of sensitive data – as soon as it occurs.'
'This particular breach was not complicated and involved very little effort from the insider, yet the aftermath has the potential to be devastating. Indeed, the threat of the insider still looms large and ignorance is no longer bliss. In this case, Ofcom needs to take a leaf out of its own book and ensure that it can meet today’s increasingly tight regulations when it comes to handling sensitive data, and monitoring for both internal and external threats is key.'