Bleeping Computer reports that Verizon has notified the Maine Attorney General’s Office of an insider data breach affecting 63,206 employees.
According to their sample notice of what was sent to those affected, an employee gained unauthorized access to employee data on September 21, 2023, although Verizon didn’t discover the problem until December. The types of information involved included name, address, Social Security number or other national identifier (if available), gender, union affiliation (if applicable), date of birth, and compensation information of the affected employees.
The incident was not reported to law enforcement. A Verizon statement sent to Bleeping Computer included this intriguing statement:
We have not referred this incident to law enforcement. There is no indication of malicious intent nor do we believe the information was shared externally. – Rich Young, Verizon spokesman
If the file was acquired by the employee “without authorization and in violation of company policy,” and if Verizon states there was no indication of malicious intent, what was the employee’s intent?