Small Business Hacking from an Insider
Small Business Hacking from an Insider
Most of the time we hear about a company being “hacked” or having it’s data stolen or exposed, more often than not a cyber-crime organization that works from the outside is responsible. Most attacks originate from south east Asia but cyber-criminals live in, and attack from almost every country. There have been and still are many cases where this occurs from the inside where an employee, co-worker or even business partner is the culprit, making you and your business the victim.
Recently, A small medical practice in Atlanta Georgia called A.P.A. had this happen to them. A.P.A.’s director of Information Technology, 38-year-old Eric McNeal, took a position with another firm that competed with A.P.A. The competing firm happened to be located in the very same building. McNeal used his home computer to log into their database, stole the information, then proceeded to delete all of the data of A.P.A.’s server. McNeal used the patient names and contact information he stole to launch a direct-mail marketing campaign for his new employer.
As a result McNeal received a 13 month sentence in prison with three years of supervision after his release. McNeal was also ordered to perform 120 hours of community service.
Had A.P.A. had a formal strategy in place for when employees are terminated or leave the business this could have been averted (especially since McNeal was the director of IT!). These policies need to strictly be enforced.
Another important note is that had McNeal not plead guilty to his crime he could have received up to a 5 year sentence.
Don't become a victim!