At its core, theft of private, proprietary, and sensitive data is a transfer or storage of this information by an unauthorized party. In other words, the offenders steal the information from electronic devices, including computers, storage devices, and servers. It can be performed from the inside by the employees of the company or by an external attack. The data can include databases of client information, internal company data, and other sensitive information (Wyre et al., 2020). Once the attackers have an access to this data, they can use it in their malicious activity, alter, or delete it without the original owner’s permission. However, in most cases, the attackers just copy the information to use it mostly for identity theft.
In this case, the data theft was performed by the external attackers to gain information on the clients. The most likely purpose of the theft was identity fraud. The access was gained by phishing the employee with the link. Once inside the database system, the attackers attempted to copy the client’s information. Unfortunately, the company failed to prevent data theft. Later, the company employed several countermeasures, including cyber security training. However, the recommendation to the company is to limit access to the sensitive information of certain employees, as the employee’s in question tasks did not include handling the client’s data. According to Abidin et al. (2019), “Employees tend to ignore policies and standard operating procedures, providing opportunities for data theft and fraud to occur, although they realize this will result in a severe impact on the reputation of a company” (p. 1). This action can ease securing the system and reduce human error and negligence.
References
Abidin, M. A. Z., Nawawi, A., & Salin, A. S. A. P. (2019). Customer data security and theft: a Malaysian organization’s experience. Information & Computer Security.
Wyre, M., Lacey, D., & Allan, K. (2020). The identity theft response system. Trends and Issues in Crime and Criminal Justice, (592), 1-18.