SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
DLP
#
Data Protection
#
Data leak
Massive data leak in Czech Republic- and how to avoid one
Tue, 21st Jun 2016
FYI, this story is more than a year old
By An Analyst, We Live Security
Follow us

Over 1.5 million customer records at T-Mobile Czech Republic were stolen by one of its employees, according to local media.

In an official statement, T-Mobile admitted that an incident has taken place but refused to confirm the scale or provide details about what information, if any, was leaked.

It said that due to an ongoing police investigation, it is “unable to provide any additional specific information”.

Based on the fact that the investigation has been handed over to the Czech Police Unit for Combating Organised Crime, speculation has arisen in Czech media that the data leak has been massive.

It probably involved all 1.5 million T-Mobile customers, making it the largest known data breach ever in the Czech Republic. According to the operator's spokesperson, the firm's security controls were triggered “immediately” following the illegal activity (the copying of the customer database).

It remains unclear what happened with the data – T-Mobile claims that the perpetrator was caught when attempting to sell the database, while some media outlets claim that the data actually fell into the wrong hands.

According to a 2016 Ponemon Institute study, an average data breach causes damages worth $3.5 million to the affected company.

“Employees are the biggest threat factor to data – be it they trade secrets, customer payment data or personal information on customers or employees,” commented Petr Žikeš- CEO at Safetica Technologies, a data loss prevention company.

“Anything that can be easily exploited or monetised is in danger of being stolen.

Safetica experts recommend the following steps to prevent incidents similar to what happened at T-Mobile Czech Republic:

  • Don't underestimate insider threats
  • Monitor data flows in your organisation to reveal risky operations
  • Monitor your workers, applying a risk-based approach (i.e. closely follow those in probationary period or notice period)
  • Set and enforce rules for handling critical data
  • If data security is important for your organisation, then consider implementing a Data Loss Prevention solution
Related stories
Keeper Security launches user-friendly passphrase generator
First-party data collection prioritised due to privacy laws
IBM strengthens cyber resilience alliance with Cohesity
Commvault appoints Ashley Baird as new VP & MD of Market Expansion
Malwarebytes launches free Digital Footprint Portal to protect personal data
Top stories
RiverSafe teams up with Cribl to boost IT & data security services
Business leaders anxious over data security – report
Half of online traffic in 2024 generated by bots, report finds
Understanding the key to boosting cybersecurity habits: Kaspersky study
Axis unveils hybrid cloud platform for adaptable security solutions