Counting the Cost of a Data Breach – Accountancy Firm Sage Hacked

Accountancy software firm, Sage, has suffered a data breach, in which "personal details and bank account information for employees of as many as 300 large UK companies may have been compromised."

Sage announced that they were "investigating unauthorised access to customer information using an internal login”. City of London police are currently investigating to determine who was responsible.

Weak password practices by employees are responsible for 65% of data breaches, so it’s no surprise that once again the attack vector is unathorised credential-based access. It’s not yet been disclosed just how the internal login details were obtained, whether by social engineering, insecure storage of passwords or whether it was simply a weak password that was easy for a hacker to work out.

Should the ICO decide that Sage have been negligent, the variety of imposed sanctions could vary from forcing an external audit of the firm to criminal prosecution. The cost to the organisation won’t be limited to remedying the damage or implementing a solution, reputational and financial damage can be significant, with Sage’s share price opening 4% down after news of the data breach.

When employees have to manage multiple passwords, security is often the first compromise. 2 out of every 3 attacks focus on credentials, with 63% of confirmed breaches involve taking advantage of weak, default or stolen passwords. It’s no surprise that credentials were responsible for the latest Sage breach, what is surprising is that they left themselves vulnerable to a credential-based attack.

[Update 17th August 2016]: City of London police haved arrested a 32-year-old employee of Sage at Heathrow airport in connection with a fraud investigation. 

Video: Check out how a 2,000-Employee Business Eliminated Insider Threat by Using My1Login.