Massive data breach at Ofcom reveals the risk ofinsider threats

March 15, 2016 |

Data breaches by media and telecommunications companies are nothing new.  Particularly telcos.  In Australia, Optus and Telstra both have a dreadful record in protecting personal information.  Less often do media regulators suffer a data breach.  And that is what occurred in the UK with an ex employee of Ofcom, the UK media regulator, downloading up to 6 years of sensitive information which that person offered up to a new employer. Insider threats are a very significant part of the threat matrix that any business should be aware of.  And of which many don’t give enough attention to.

This has been reported by the Guardian at Ofcom tackles mass data breach of TV company information which provides:

Ofcom is facing up to the biggest data breach in its history after a former employee offered a hoard of potentially sensitive information on TV companies to his new employer, a major broadcaster.

The media regulator has sent out letters to dozens of TV companies that hold an Ofcom licence to broadcast in the UK explaining the data breach.

“On 26 February we became aware of an incident involving the misuse of third-party data by a former Ofcom employee,” said a spokesman for Ofcom. “This was a breach of the former employee’s statutory duty under the Communications Act and a breach of the contract with Ofcom.”

One person with knowledge of the letter said that the incident involved the former Ofcom staffer downloading data – possibly as much as six years of data provided by TV broadcasters to the regulator – before leaving the company.

That information was then at some point offered to the ex-staffer’s new employer, known to be a TV broadcaster, potentially to give insight and a competitive edge over rivals.

It is understood that senior management at the broadcaster did not exploit the information, but instead alerted Ofcom.

“Ofcom takes the protection of data extremely seriously, and we are very disappointed that a former employee has chosen to act in this manner,” said the spokesman. “The extent of the disclosure was limited and has been contained, and we have taken urgent steps to inform all parties.”

It has also been reported at UK media regulator Ofcom on high alert after massive breach of sensitive TV company data and Ofcom investigates former employee after data breach.



One Response to “Massive data breach at Ofcom reveals the risk ofinsider threats”

  1. Massive data breach at Ofcom reveals the risk ofinsider threats | Australian Law Blogs

    […] Massive data breach at Ofcom reveals the risk ofinsider threats […]

Leave a Reply

Verified by MonsterInsights