Story image

Massive data leak in Czech Republic- and how to avoid one

21 Jun 2016

Over 1.5 million customer records at T-Mobile Czech Republic were stolen by one of its employees, according to local media.

In an official statement, T-Mobile admitted that an incident has taken place but refused to confirm the scale or provide details about what information, if any, was leaked.

It said that due to an ongoing police investigation, it is “unable to provide any additional specific information”.

Based on the fact that the investigation has been handed over to the Czech Police Unit for Combating Organised Crime, speculation has arisen in Czech media that the data leak has been massive.

It probably involved all 1.5 million T-Mobile customers, making it the largest known data breach ever in the Czech Republic. According to the operator’s spokesperson, the firm’s security controls were triggered “immediately” following the illegal activity (the copying of the customer database).

It remains unclear what happened with the data – T-Mobile claims that the perpetrator was caught when attempting to sell the database, while some media outlets claim that the data actually fell into the wrong hands.

According to a 2016 Ponemon Institute study, an average data breach causes damages worth $3.5 million to the affected company.

“Employees are the biggest threat factor to data – be it they trade secrets, customer payment data or personal information on customers or employees,” commented Petr Žikeš- CEO at Safetica Technologies, a data loss prevention company.

“Anything that can be easily exploited or monetised is in danger of being stolen.”

Safetica experts recommend the following steps to prevent incidents similar to what happened at T-Mobile Czech Republic:

  • Don’t underestimate insider threats
  • Monitor data flows in your organisation to reveal risky operations
  • Monitor your workers, applying a risk-based approach (i.e. closely follow those in probationary period or notice period)
  • Set and enforce rules for handling critical data
  • If data security is important for your organisation, then consider implementing a Data Loss Prevention solution

Article by an analyst for We Live Security

Survey: IT pros nostalgic over on-prem data centre visibility
There are significant security and monitoring challenges faced by IT staff responsible for managing public and private cloud deployments.
61% of CIOs believe employees leak data maliciously
Egress conducted a survey to examine the root causes of employee-driven data breaches, their frequency, and impact.
Opinion: BYOD can be secure with the right measures
Companies that embrace BYOD are giving employees more freedom to work remotely, resulting in increased productivity, cost savings, and talent retention.
Sonatype and HackerOne partner on open source vulnerability reporting
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
OutSystems and Boncode team up for better code analysis
The Boncode and OutSystems alliance aims to help organisations to build fast and feel comfortable that the work they're delivering is at peak quality levels.
Security top priority for Filipinos when choosing a bank - Unisys
Filipinos have greatest appetite in Asia Pacific to use biometrics to access banking services
Nuance biometrics fight back against fraud
Nuance Communications has crunched the numbers and discovered that it has prevented more than US$1 billion worth of fraud from being passed on to users of its Nuance Security Suite.
Attacks targeting Cisco Webex extension explode in popularity - WatchGuard
WatchGuard's Internet Security Report for Q4 2018 also finds growing use of a new sextortion phishing malware customised to individual victims.