Sage data leaked by disgruntled employee
Sage is investigating a data breach that may have affected between 200 and 300 large UK companies.
On Monday, shares in the accounting software supplier fell after it was reported that a Sage employee’s login details were used to gain unauthorised access to customer information in recent weeks.
Sage contacted the police over the weekend, and told 200 Sage UK payroll services customers that their information may have been compromised.
The data breach was first reported by the Antisocial Engineer, which said that the customers were notified over the phone, and that Sage's forensic team was not initially aware of what data had gone missing.
The company disclosed in conversation with the security website that the breach had been conducted by an employee. On Wednesday evening, City Police tweeted that it had arrested a 32-year-old woman “in relation to the ongoing fraud investigation from the business software company Sage”.
A 32 y/o woman has been arrested in relation to the ongoing fraud investigation from the business firm Sage
— City Police (@CityPolice) August 17, 2016
In a statement to AccountingWEB, Sage said that it was investigating unauthorised access to customer information using an internal log-in. “We cannot comment further whilst we work with the authorities to investigate – our customers remain our first priority and we are speaking directly with those affected.”
Graham Cluley, an expert in computer security, said that disgruntled staff and rogue workers are a risk to any company. “But when your company's business involves handling the financial records of thousands of businesses up and down the country, the stakes are particularly high.”
Technology can help to reduce opportunities for a rogue member of staff to wreak havoc or steal data, but management also needs to be trained in spotting the warning signs and putting procedures in place, Cluley said.
“An obvious one would be to only give staff access to the parts of the network that they need to have access to”, he continued. “Furthermore, have unique passwords, and change them immediately when a member of staff is leaving the company.”