Security Breaches Caused by Employees (Examples & Statistics for 2024)
Posts by Kelly Indah, August 2, 2023
It’s not a secret that human error represents a weak link in cybersecurity.
Read the article to find out everything about security breaches caused by employees.
Although there’s been an overall increase in cybersecurity investment over the past few years, organizations still face data breaches.
Moreover, most of the cyberattacks that result in breaches are caused by human errors.
In fact, a report published by the World Economic Forum revealed that around 95% of cybersecurity threats were caused by human error.
Meanwhile, researchers from Stanford University found that 88% of security breaches that are caused by employees include errors, social attacks, and misuse.
So, looking at how employees have contributed to various data breaches over the years would be interesting.
In this article, we’ll explore real-life instances of security breaches that have been caused by employees in recent years.
But that’s not all—we’ll also delve into the latest statistics surrounding these breaches. So, let’s go!
Examples of Actual Security Breaches Caused by Employees
1. Uber Was Hacked Due to Employee Negligence.
On 15 September 2022, a surprising incident happened within the organization.
The employees found an unauthorized person accessing their company’s Slack channel.
The data breach involved an intruder who hacked into the account, leaving a message proclaiming himself as a hacker and announcing a data breach at Uber.
It’s one of the major security breaches which employees caused.
Although the hacker, reportedly an 18-year-old individual, has been arrested, the damage was already done.
The hacker left behind an explicit image within the internal system of Uber and exposed how he hacked the company via social engineering.
According to reports, Uber’s code repositories, communication channels, internal systems, and cloud storage were compromised.
2. In The City of Calgary, a Personal Data Leak Was Caused Accidentally by An Employee.
The Calgary Herald reported a significant incident in June 2016, where an employee of the city of Calgary, Alberta, accidentally exposed the personal information of 3,700 employees.
It happened when the employee inadvertently sent sensitive information through email while seeking some technical assistance.
The leaked information included personal details of all the affected employees, potentially compromising sensitive data like names, contact information, addresses, and more.
The incident raised concerns about the security measures within the organization’s system and highlighted the importance of data protection protocols.
3. Data Theft by A Sage Employee.
According to a report by Fortune, a distressing incident involving a 32-year-old employee from Sage, a UK-based payroll company, occurred in August 2016.
An employee allegedly engaged in deliberate data theft, with a suspected motive of carrying out fraudulent activities.
As per reports, the law enforcement authorities arrested him at London’s Heathrow Airport.
The stolen data reportedly consisted of sensitive information, such as bank account details and the salary information of undisclosed individuals.
The motive behind the data theft remains under investigation, and it is yet to be determined if the information has been misused for fraudulent purposes.
4. A Former Employee Had Stolen Sensitive Data from Cash App Investing.
Cash App Investing, a reputed stock trading app owned by Block, the parent company of Square payments systems, experienced a significant data breach resulting in the compromise of sensitive information for over eight million users.
The New York Times reported that the data breach was initiated by a former employee who illegally obtained corporate reports after departing from the company in December 2021.
The exposed data contained crucial customer details, including names, customer portfolio value, Cash App brokerage account numbers, selected trading activity, and specific holdings.
As a result, it has raised concerns among customers regarding the privacy and security of user information within the app.
5. Data Breach at Snapchat Caused by Social Engineering.
Snapchat became a victim of a whaling cyber attack in late February 2016, as reported by the Washington Post.
In this incident, a malicious social engineer falsely impersonated CEO Evan Spiegel and sent an email to one of the employees in the payroll department of the social networking company.
It is marked as one of the major security breaches caused by the employees.
Sadly, this led to the unauthorized disclosure of personal protected information (PPI) belonging to approximately 700 employees.
Snapchat promptly responded by publishing a blog post expressing its deep remorse and acknowledging its responsibility.
They also assured the public that they were taking immediate action.
6. A Network Engineer at EnerVest Committed Data Sabotage.
The Department of Justice, in a report, revealed that an incident of data sabotage occurred at EnerVest, an energy company based in West Virginia, carried out by one of its network engineers.
The engineer, identified as Mitchell, engaged in this malicious act after finding out that he was going to be terminated from the company.
The investigation uncovered that Mitchell intentionally reset all network servers to their factory default settings and disconnected remote backups.
As a result, EnerVest suffered severe disruptions to its operations and was unable to conduct business for a period of 30 days.
Moreover, the financial impact was substantial, with estimated costs surpassing $1 million.
7. Data Breach of Amazon Web Services (AWS) by A Former Employee Impacted Capital One.
In 2019, a former Amazon Web Services (AWS) employee used a tool she had developed to scan AWS accounts, specifically targeting misconfigured ones.
Subsequently, she gained unauthorized access to accounts of more than 30 entities, including Capital One Bank.
The intrusion into Capital One’s systems resulted in the compromise of data belonging to more than 100 million customers across the United States, as the United States Attorney’s Office reported.
As a result, the bank was fined $80 million and additionally settled with a payout of $190 million.
8. Whitehead Nursing Home Was Fined £15,000 for A Data Breach Due to An Employee’s Negligence.
BBC News reported that Whitehead Nursing Home, which is based in Northern Ireland, has been fined £15,000 by the Information Commissioner’s Office (ICO) as a result of negligence leading to a data breach.
It occurred when an employee took an unencrypted work laptop home, which was stolen during a home burglary.
According to the news story, the theft resulted in the exposure of protected data belonging to 46 employees and 29 patients.
As a result, the ICO, responsible for upholding data protection regulations, imposed a fine of £15,000 on Whitehead Nursing Home for the breach.
9. An Annoyed Employee Exposed Secrets of India’s Scorpene Submarines.
An annoyed employee exposed all the classified information of India’s newly developed Scorpene submarines in a complex data breach involving various governments, contractors, and employees.
Moreover, Defense News reported that the breach resulted in the unauthorized disclosure of around 24,000 pages of protected details.
According to the story, after the termination of his employment, the individual deliberately decided to duplicate all the sensitive data onto a disk, subsequently sending it through conventional mail and ultimately sharing it with a journalist.
As a result, the confidentiality of crucial information related to the Scorpene submarines was compromised.
10. Phishing Employees Scammed Twitter Users.
One of the major security breaches caused by the employees occurred in July 2020, when the hackers successfully accessed 130 high-profile private and corporate Twitter accounts, each with a minimum of one million followers.
Moreover, they utilized 45 of the compromised accounts to promote a Bitcoin scam. Some of these individuals and companies include Bill Gates, Apple, etc.
As a result, Twitter users were duped into transferring more than $180,000 worth of Bitcoin to fraudulent accounts.
An additional $280,000 was also blocked by cryptocurrency exchange Coinbase to prevent further losses.
That’s not all; the stock price of Twitter also experienced a decline of 4%.
Security Breaches Caused By Employees Statistics 2023
1. Around 45% of US Workers Believe Public WiFi Hotspots Are Safe.
Public WiFi hotspots are known for lacking security, attracting hackers who exploit unsuspecting users to steal sensitive information such as financial details, passwords, and other personal data.
So, it’s advisable not to connect to a public network without a suitable VPN, which encrypts Internet traffic and shields it from prying eyes.
However, surprisingly, the Proofpoint 2020 User Risk Report reveals that around 45% of US workers believe public WiFi hotspots are safe when they are in a trusted location.
On the other hand, around 26% of workers worldwide still place their trust in public hotspots.
(Source: Proofpoint)
2. 14% of UK Workers Usually Forget to Lock Their Smartphones.
The Proofpoint report also revealed that around 14% of UK workers usually forget to lock their smartphones.
However, 41% agreed to use their smartphones for work and personal purposes.
On a global level, 42% of workers use a biometric lock, such as a fingerprint scan, while 24% opt for a four-digit PIN to secure their devices.
However, 10% of respondents have no lock on their devices.
These statistics highlight the concern of inadequate smartphone security measures, which pose significant risks to the privacy and security of personal and work-related information stored on these devices.
(Source: Proofpoint)
3. Over 80% of Security Breaches Are Caused by An Employee’s Mistake.
A report in 2022 has confirmed what many of us have been asserting for years: around 88% of data breaches are attributed to employees’ actions.
It was first discovered by researchers from Stanford University and a prominent cybersecurity organization.
Hence, it sheds light on the significant role human error plays in driving a majority of security breaches that are caused by employees.
Moreover, the study, conducted by Professor Jeff Hancock of Stanford and security firm Tessian, delved into the “Psychology of Human Error” and emphasized that employees often hesitate to admit their mistakes due to the fear of harsh repercussions from their respective organizations.
(Source: CISO Mag)
4. Two Top Causes of Data Breaches Include Misdelivery and Misconfiguration.
According to Verizon’s 2020 Data Breach Investigations Report, phishing is the primary threat action in data breaches, accounting for over 20% of all cases.
Additionally, human errors such as misdelivery and misconfiguration rank fourth and fifth, respectively, representing the predominant threat actions in around 10% of breaches.
Interestingly, the report also highlights that some of the leading malware vectors in data breaches directly relate to human error, including malware downloads, email links, and email attachments.
In fact, among the high-level actions leading to data breaches, human errors stand out as the only category experiencing an increase in frequency.
(Source: Verizon)
5. The Two Most Expensive Forms of Security Breaches Were Due to Human Errors.
Human error in data breaches can lead to significant damages, often surpassing the impact of cyber attacks.
In fact, IBM’s Cost of a Data Breach Report 2021 reveals that the most expensive data breaches are caused by human errors.
The study highlights that business email compromise (BEC) scams cost organizations around $5.01 per stolen record.
On the other hand, phishing scams amount to around $4.61.
These security breaches, which were caused by employees, tend to take longer to detect and contain, escalating the damage.
BEC scams typically require an average of 238 days to identify and 79 days to resolve, while phishing incidents take about 213 days to identify and 80 days to resolve.
(Source: IBM)
6. Most People Use Weak Passwords, Which Results in Security Breaches.
A recent report by NordPass found that the password “123456” remains the most commonly used password for the second consecutive year, with more than 103 million individuals relying on it for their log-ins.
In fact, it takes less than a second for hackers to crack this password.
The report also revealed that other frequently used weak passwords are “123456789” (used by 46 million users), “qwerty” (22.3 million individuals), and “password” (20.9 million users).
These findings are alarming, especially considering that 80% of hacking-related breaches involved compromised passwords through stolen credentials.
(Source: Digital Trends)
7. Employees in Around 58% of Organizations Ignore Cybersecurity Guidelines.
According to the Netwrix 2020 Cyber Threats Report, it’s concerning, though not unexpected, that over half of the people surveyed mentioned that their employees were ignoring cybersecurity policies and guidelines.
Well, that doesn’t mean they aren’t following their executives.
In fact, it seems that employees are following the lead of their executives, as 85% of CISOs confessed to relaxing cybersecurity measures to facilitate remote work.
So, not all security breaches caused by employees are actually their fault.
(Source: Netwrix)
8. The Average Cost of A Security Breach Caused by Employees Is $3.86 Million.
In 2023, the cost of security breaches caused by employees is predicted to be quite significant.
In fact, a study conducted by IBM Security and Ponemon Institute revealed that the average expense of a data breach due to human error amounts to $3.86 million, which is pretty enormous.
The sum includes various costs, such as informing the affected individuals, restoring harmed systems, and addressing penalties imposed by regulatory authorities.
Therefore, when employees make mistakes that lead to security breaches, it can be quite costly for their organizations.
(Source: IBM)
FAQs
What Are the Most Common Causes of Security Breaches that Are Caused by Employees?
Some of the common causes of security breaches that are caused by employees are:
• Phishing: Phishing is one of the most common forms of social engineering attack, where a cyber attacker deceives victims by sending an email or text message that seems to come from a genuine source. The message contains links or attachments, which, if clicked, can result in the installation of malware on the victim’s device.
• Data leakage: Data leakage happens when an insider unintentionally or deliberately discloses sensitive data outside an organization. It can occur through various channels, including USB drives, email, or cloud storage services.
• Weak passwords: These are one of the most common cybersecurity vulnerabilities an organization faces. Employees often use weak passwords because they are easy to remember. However, they are also easy for hackers to guess.
• Unsecured devices: Employees sometimes bring their personal devices, like smartphones, tablets, and laptops, to work. However, if these devices are not properly encrypted, they can be vulnerable to cyberattacks.
What Are Some Tips for Employees to Help Prevent Security Breaches?
Here are tips that employees can keep in mind to avoid security breaches caused by them:
• Never use a single password for multiple accounts.
• Avoid sharing sensitive information with unauthorized individuals.
• Don’t click on any email links or attachments from unrecognized sources.
• Keep your software up to date.
• Report all suspicious activity.
What Company Has the Biggest Data Breaches?
The companies that have suffered the biggest security breaches caused by their employees are:
• CheckFree Corporation in 2009.
• Central Intelligence Agency in 2017.
• CheckPeople in 2020.
• China Software Developer Network in 2011.
Conclusion
As we’ve already seen, security breaches caused by employees can happen to any organization.
Moreover, their consequences are devastating and can even impact the success of big companies.
However, an organization can detect and stop these with the help of proper cybersecurity measures.