Here’s today’s reminder of the insider threat (well, this, and the fact that U.S. government officials continue to deny any problem with discussing attack plans on Signal). The Argus reports: A former GCHQ intern has admitted risking national security by taking top secret data home. Hasaan Arshad, 25, from Rochdale, Greater Manchester, pleaded guilty to…
Category: Insider
The PIPC Sanctions Woori Card for Data Breaches, Imposing KRW 13.45 billion
The Personal Information Protection Commission (PIPC) held its seventh plenary meeting of 2025 and reached a decision to sanction Woori Card Co., Ltd. (Woori Card) for data breaches on March 26, 2025. Administrative sanctions by the PIPC are as follows: A penalty for violations (Gwajingguem) of KRW 13.45 billion; A publication order of sanction results…
Department of Defense civilian employee pleads guilty to taking classified documents
Today’s reminder of the insider threat, from the U.S. Attorney’s Office for the Eastern District of Virginia: ALEXANDRIA, Va. – A civilian electrical engineer for the Department of Defense pled guilty today to unauthorized removal and retention of classified material. According to court documents, Gokhan Gun, 51, of Falls Church, was born in Istanbul, Turkey,…
The Escalating Challenge of Insider Threats
NISOS’s new blog post is on one of DataBreaches’ favorite topics — the insider threat. Here are some snippets from their blog post: The surge in insider threats is alarming. The 2024 Verizon Data Breach Investigations Report (DBIR) reveals that insider-related incidents constitute nearly 60% of all data breaches, underscoring the pressing need for robust internal security…
Alleged Data Breach at Korea Aerospace Research Institute Sparks Major Investigation
In today’s reminder of the insider threat, Jung Suk-yee reports that employees of the Korea Aerospace Research Institute (KARI) are being investigated by the Daejeon Metropolitan Police Agency for leaking sensitive technology: The investigation, which has captured national attention, involves a suspected breach of data related to South Korea’s ambitious Nuri space launch vehicle project….
Texas Man Convicted of Sabotaging his Employer’s Computer Systems and Deleting Data
There’s an update to an indictment announced by the DOJ in April 2021. In today’s reminder of the insider threat, DOJ announced: A federal jury in Cleveland convicted a Texas man today for writing and deploying malicious code on his former employer’s network. According to court documents and evidence presented at trial, Davis Lu, 55,…