By Robert Lemos
Nov 15, 2010
For 19 months, an employee at Johns Hopkins Hospital allegedly stole
patients' identities, feeding the information to four outsiders who used
the data to charge more than $600,000 in goods on store credit. Jasmine
Amber Smith, 25, has been charged with using her inside access to fuel
the identity theft ring.
Employees working with cybercriminals might not be the norm for security
breaches, but it's not a rare crime, either, experts say. It's not
unusual for cybercriminals to gain inside access through bribery and
solicitation -- two components of social engineering, according to
Verizon Business' Data Breach Investigations Report. Social engineering
accounted for 28 percent of breaches analyzed in the report, with
solicitation and bribery leading to nearly a third of those breaches.
"These were scenarios in which someone outside the organization
conspired with an insider to engage in illegal behavior," the report
says. "They recruit, or even place, insiders in a position to embezzle
or skim monetary assets and data, usually in return for some cut of the
While stolen data can cause public relations headaches and lose the
goodwill of customers, a company's customer data may not be its most
valuable asset. Companies' proprietary knowledge and corporate secrets
-- such as business plans, trade secrets, and sales forecasts -- are, on
average, twice as valuable, according to a March 2010 report by analyst
firm Forrester Research (PDF). Yet the loss of such data is usually not
reported, experts say.
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.