They say that “for every action, there is an equal an opposite reaction”. So what does it take for a business to act on what is an indication that any company might suffer the same fate as Landmark White data breach?
Now, if you haven’t come across the story of what transpired to Landmark White, here is a snapshot:
A Sydney IT contractor has been arrested over a data breach at Landmark White, a property evaluation firm that allegedly affected more than 275,000 people, cost the organisation more than $8 million and resulted in troves of personal information being uploaded onto the dark web.
The alleged contractor accessed and published more than 170,000 data sets including names, addresses, contact numbers, property valuations and driver’s licences between September 2017 and May 2019.
The contractor was arrested following the high-profile cyberattacks targeting Landmark White, a property firm he had worked with for 12 years.
During 2019 Landmark White suffered from two major data breaches.
The first data breach saw Approximately 137,500 unique records and approximately 1,680 supporting documents posted onto the dark web and hurt the company’s revenue by up to $7 million.
Landmark White was placed into a state of temporary suspension from the Australian Stock Exchange (ASX) in early June after the company was hit with a second data breach this year. That breach saw company documents posted to US file sharing platform SCRIBD on Wednesday 29 May 2019.
After the second data breach Commonwealth Bank (ASX: CBA), ANZ (ASX: ANZ), National Australia Bank (ASX: NAB), Bankwest, Bendigo & Adelaide Bank (ASX: BEN), Suncorp (ASX: SUN), HSBC, and Latrobe all suspended LMW as a property valuer.
What was the ultimate impact to Landmark White (LMW)?
If there is one lesson that it’s becoming increasingly clear is that insider threat is no longer a security buzzword. The Landmark White incident demonstrates that insider attacks at private businesses can have significant consequences for an organisations’ customers, employees, operations, reputation and bottom line.
Insider threat is real. It requires an enterprise concern commanding executive-level attention.
The traditional approach of mitigating insider threats through some form of hardware and software technology does not work because you are dealing with people. It is important to note, there is no “silver bullet” solution for stopping insider threats. Furthermore, insiders go to work every day and bypass both physical and digital security measures. They have legitimate, authorised access to your most confidential, valuable information and systems, and they can use that legitimate access to perform malicious activity. They can also unintentionally cause harm.
Insider threats are an intriguing and complex problem. They are the most significant threat that faces your organisation every day. To address these threats, I recommend that your organisation consider policies, procedures, technologies and importantly shaping positive behaviours to mitigate threats in all areas of your organisation.
Download the insider threat book “Protecting Your Business From Insider Threats In 7 Effective Steps”
On a scale from 1 to 10, are you concerned that you might have a possible malicious actor within your organisation but don’t know whom it could be?
On a scale from 1 to 10, are you concerned that you might have a possible insider that unintentionally is placing your organisation at risk but don’t know whom it could be?
If your total score is less than 15, than contact us urgently to schedule a free consultation – firstname.lastname@example.org or +61 2 6282 5554 or register your details here – https://www.nakedinsider.com/contact-us