A commercial detective agency is reporting a rise in organisations contacting them after employee data theft.
Businesses of any size and across any sector can be victims of employees stealing company data, says Expert Investigations Ltd. Whether it is in relation to personal data or confidential business information, the Midlands-based agency says it undertakes on average 30 such cases a year.
IT and data fraud can lead businesses to lose profits and even cause them to go out of business. Often, the ‘insiders’ are current or former employees who may forward data on to an external person, take it to their next employer or even start their own business with invaluable information that can take years to gather.
Recently, Expert undertook an investigation into a managing director in the engineering sector, suspected of stealing company data. The agency was called to find evidence of any unlawful acts. The MD was covertly put under surveillance and a forensic examination was made of his work computer. He had indeed been stealing data from the computer system, including client lists, contract details and supplier lists. He was preparing to set up a competing company, with a senior employee from a competitor.
With the evidence provided to the client, solicitors were able to obtain an injunction against all parties and effectively stop the enterprise.
Dave Kearns, Managing Director of Expert Investigations Ltd, said: “In the UK, unlawfully obtaining or accessing personal data without the consent of the data controller is a criminal offence under section 55 of the Data Protection Act 1998. Sadly, this doesn’t stop employees stealing data and the consequences are so severe it can lead to dismissal and in some cases prison sentences.
“Whether you are a small, medium or large business, companies really need to be more vigilant as they don’t think about the impact of employees stealing their data for either personal or third-party use. We have seen a significant rise in the number of cases we investigate; however, simple measures can be put in place to reduce the chances of data theft arising.”
How companies can protect themselves
1. Initiate a digital forensic policy within the company to swiftly aid an investigation. It also acts as a deterrent as employees will know it exists.
2. Restrict access to data, including remote access to the system. Not all employees need access to everything.
3. Unless it is a requirement for work, prevent/disable write access to USB slots on all computers (including CD/DVD drives). Monitor the usage and dictate that only company-issued USB devices are to be used if they are needed at all.
4. Use software/hardware protocols to restrict access to web-based emails and cloud storage facilities (other than those required for company use). Rigorously enforce password security.
5. Initiate/enable system/security event recording on all systems and initiate random testing/checking of employee systems.
6. Have a rigorous backup system that prevents an employee from deliberately wiping data.
All these measures should be recorded and mandated through employee handbooks and company policies to ensure that there is recourse to disciplinary action if necessary.
Case study: Operation Kingston
A company from the commercial sector required assistance in observing an employee suspected of stealing data and monies.
Initially, the company had granted a budget and permission for the employee to access data for a project to establish a new sector of business under a new company name as a subsidiary.
As the project was under way, the company felt something wasn’t right. After the company called on Expert Investigations Ltd, it was discovered that the employee planned to set this up as her own company and had stolen the client lists and account details in advance for her own use.
By investigating her work computer and obtaining a seizure order for her personal computer, iPad and mobile telephone, it was discovered that not only was there stolen data, but the employee had diverted funds to herself from the budget that the company had initially given her.
The evidence collated enabled the company to dismiss her and serve the employee with an injunction from the court. She was ordered to pay back all monies and very substantial compensation for the use of the stolen data.