DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

41% of workers have stolen corporate data – survey

Posted on November 23, 2009 by Dissent

From Cyber-Ark Software’s press release:

Stealing employer data has become endemic in our culture. According to a survey conducted with 300 office workers in New York City examining the impact of the recession on ethics and security, 85 percent of the respondents admitted to knowing that downloading corporate information from their employer was illegal, yet a quarter of those surveyed would take the data regardless of the penalties. In fact, 41 percent of respondents have already taken sensitive data with them to a new position, while 26 percent would pass on company information if it proved useful in getting friends or family a job.

The second annual “Global Recession and Its Effect on Work Ethics”transatlantic survey also polled 300 office workers in London, asking the same set of questions for comparison. What’s clear in the US data is that the recession has shaken employees’ confidence, with a quarter of total respondents admitting to feeling less loyal toward their employer. Despite this, only 40 percent of respondents are worried about losing their jobs, compared to 52 percent in 2008. The survey was sponsored by Cyber-Ark Software®, the Privileged Account Management specialists.

Corporate Data Protection Continues to Lag: Sensitive Data is Easy to Access, Easy to Share

Protection of corporate data continues to lag, with 60 percent of those surveyed admitting that it is easy to take sensitive information from under their bosses noses – with the primary tool of choice remaining a portable storage device like a memory stick, USB flash drive or CD, followed by email and then paper coming in a close third.

The survey found that 26 percent of the respondents admit that if they were fired tomorrow they would take company information with them, and 24 percent of people would download company/competitive information if there were rumors that their job was at risk. Of those who plan to take competitive or sensitive corporate information:

  • 52 percent admit they would do so “just in case” the data were to prove useful or advantageous in the future
  • 28 percent would use the data to negotiate their new position
  • 28 percent plan to use the data as a tool in their new job
  • Tops on the hit list of information that people like to download is customer and contact details (23 percent), followed by access and password codes (11 percent). Other information that is coveted includes product information, plans and proposals. This is particularly worrying as, without the proper identity and access management solutions in place, many ex-employees can still get into the network to access content and download information long after they’ve left the building.

    Lack of Job Security Leads to Risks and Compromise

    With remaining concern about job security, 23 percent of respondents revealed that they would do their utmost to sneak a look at the “lay-off list” to find out if their name was on it, with a whopping 70 percent using their own IT access rights to snoop around the network to find additional information. If they couldn’t find out the information on their own, 24 percent would approach a colleague in IT to get the inside information. Eleven percent of respondents indicated they would consider bribing human resources to reveal if their jobs were on the line.

    Respondents were also asked what steps they would take to keep their jobs. According to the survey:

  • 50 percent of US respondents would take a salary cut to keep their jobs, compared to 20 percent of UK respondents
  • 25 percent of UK respondents indicated they would work up to 80 hours a week to keep their jobs, compared to just 12 percent of US respondents
  • “While we are seeing glimmers of hope in the US economy, clearly employee confidence has been rocked. This survey shows that many workers are willing to do practically anything to ensure job security or make themselves more marketable – including committing a crime,” Adam Bosnian, vice president of products and strategy, Cyber-Ark Software. “While there is no excuse for employees who are willing to compromise their ethics to save their job, much of the responsibility for protecting sensitive proprietary data falls on the employer. Organizations must be willing to make improvements to how they monitor and control access to databases, networks and systems – even by those privileged users who have legitimate rights. Additional protection can be added with simple steps like frequently changing passwords and only granting access to certain information on-demand.”

    Hat-tip, Out-Law.com

    Category: Commentaries and AnalysesOf Note

    Post navigation

    ← Groups seek CVS Caremark privacy violation probe
    Sentencing in U. of Utah Hospitals and Clinics case →

    Now more than ever

    "Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

    Search

    Browse by Categories

    Recent Posts

    • Masimo Manufacturing Facilities Hit by Cyberattack
    • Education giant Pearson hit by cyberattack exposing customer data
    • Star Health hacker claims sending bullets, threats to top executives: Reports
    • Nova Scotia Power hit by cyberattack, critical infrastructure targeted, no outages reported
    • Georgia hospital defeats data-tracking lawsuit
    • 60K BTC Wallets Tied to LockBit Ransomware Gang Leaked
    • UK: Legal Aid Agency hit by cyber security incident
    • Public notice for individuals affected by an information security breach in the Social Services, Health Care and Rescue Services Division of Helsinki
    • PowerSchool paid a hacker’s extortion demand, but now school district clients are being extorted anyway (3)
    • Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines

    No, You Can’t Buy a Post or an Interview

    This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

    And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

    Want to Get Our RSS Feed?

    Grab it here:

    https://databreaches.net/feed/

    RSS Recent Posts on PogoWasRight.org

    • The App Store Freedom Act Compromises User Privacy To Punish Big Tech
    • Florida bill requiring encryption backdoors for social media accounts has failed
    • Apple Siri Eavesdropping Payout Deadline Confirmed—How To Make A Claim
    • Privacy matters to Canadians – Privacy Commissioner of Canada marks Privacy Awareness Week with release of latest survey results
    • Missouri Clinic Must Give State AG Minor Trans Care Information
    • Georgia hospital defeats data-tracking lawsuit
    • No Postal Service Data Sharing to Deport Immigrants

    Have a News Tip?

    Email: Tips[at]DataBreaches.net

    Signal: +1 516-776-7756

    Contact Me

    Email: info[at]databreaches.net

    Mastodon: Infosec.Exchange/@PogoWasRight

    Signal: +1 516-776-7756

    DMCA Concern: dmca[at]databreaches.net
    © 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.
    Menu
    • About
    • Breach Notification Laws
    • Privacy Policy
    • Transparency Report