Morrisons suffer internal data breach
UK supermarket, Morrisons, has suffered a data breach in which over 100,000 employees personal details including names, addresses and bank details were compromised. The information, which affects workers from all levels of the organisation, was stolen and published online as well as being sent to a regional newspaper on disk, causing much worry about data security across the company.
The supermarket’s suspicions that this was an internal hack appear to have been confirmed following the arrest of a man on Monday morning. Detective Chief Inspector of West Yorkshire police, Gary Hooks, said “An employee of Morrisons has been arrested in Leeds in connection with an investigation into the theft of data from the company.” Morrisons has swiftly dealt with the data breach by providing a direct route of contact for employees, for which the responses are being lead by CEO, Dalton Phillips. However this breach has raised serious questions as to the company’s security procedures.
As this was an inside attack, normal firewalls and security procedures that would flag up an external attack, will not have alerted IT staff to suspicious activity. It raises questions such as why wasn’t staff access restricted? Why was this data stored unencrypted in an accessible format? Organisations must take data security seriously. Paul Ayres, Vice President of Security said “It is only with a deep level of security intelligence and data centric security that businesses will be able to spot suspicious activity as and when it occurs, and stop outside attackers and rogue employees alike in their tracks.” It is imperative that an organisation regularly assess and monitor their IT systems in order to prevent and respond to data breaches as they occur.
Additionally, it must be seen as mandatory to encrypt data so that even if it is compromised, it is unusable to the hacker. Are you worried about data security at your work place? Want to protect yourselves against data breaches and such like? Redstor is a market leader in providing security, storage and disaster recovery services to the public and private sector and guarantees compliance with the Data Protection Act and other regulations.
Redstor is a market leader in providing security, storage and disaster recovery services to the public and private sector. Our range of secure and encrypted cloud services are already protecting the data of over 10,000 organisations across the UK. Redstor’s Online Backup service ensures data is safely backed up offsite in an encrypted format. Our cloud sync and share service, Centrastor, enables organisations to store and share files securely online from any device with an Internet connection and our CentraStage service enables support providers to guarantee that devices they support are regularly audited, patched and safely up-to-date for effective endpoint management. Our Virtual Disaster Recovery service guarantees to have your systems up and running within minutes following a disaster. To find out more about our services and how we can help you comply with data protection laws and prevent data leakage, please contact us either by giving us a ring on 01189 515 200 or emailing [email protected].