10 Jun 2020

Companies seek help for post-redundancy data breaches

3:43 pm on 10 June 2020

Recently-redundant employees are sharing their former companies' data in an effort to find new work with their competitors, a security firm that investigates data breaches says.

Female hands or woman office worker typing on the keyboard

File image. Photo: 123rf

When the lockdown was announced firms scrambled to get people working from home, in some cases without adequate security protections, according to Datalab managing director Cameron Hansel.

"They (employees) were required to take information home with them or work on systems that weren't owned by the business. Then when businesses had some breathing room to look at what the impacts of downturns were going to be, obviously some made the decision to lay people off.

"What that meant was that person was at home, with hardware, chalked up with company data and they had the time to think about what they wanted to do with that."

Hansel said a few weeks into lockdown the enquiries started coming.

By weeks four and five after the lockdown was announced, the number of quotes to investigate a data breach had increased by 30 to 40 percent.

"We saw a lift in cases where people were being laid off and then they went to direct competition, or they would start talking to suppliers... clearly using their previous company's data."

He said while the type of companies making enquires were across the board, the type of data was often the same.

"It's generally contact lists, client lists, supplier details, anything that someone would need to pocket in order to set up quickly in competition."

"It's generally outbound, it's zipped and emailed or copied out to USB stick covertly... although nothing's really covert if you know where to look."

He said there had also been a spike in the number of ransomware cases, due to lack of security on at-home devices.

Get the RNZ app

for ad-free news and current affairs