In February 2018 the personal information of over 21,400 marines, sailors and civilians were exposed when an employee of the Marine Force Reserves accidentally sent an email to the wrong distribution list. The unencrypted email contained an attachment that included not just names, but also social security numbers, bank routing numbers, credit card numbers, addresses, and emergency contacts.
In a statement about the breach, a Marines spokesperson assured that “no malicious intent was involved.” But, of course, at the end of the day, the sensitive information of thousands of people was still leaked to those who shouldn’t have access to it.
The media often represents cyber breaches as the result of someone cracking into remote systems. So, when we think of data breaches or other cybersecurity incidents, we generally imagine a hacker hunched over their desk in a dark room.
However, while there are bad actors behind many breaches, a number of reports show that, in the real world, a significant amount of breaches is simply due to human error. According to Verizon’s 2019 Data Breach Investigations Report, 21% of all data breaches are the result of user error. And, like in the case of the Marines breach, the leading form of error is the misdelivery of data. And another report by Opinion Matters shows that 79% of IT leaders believe employees have accidentally put sensitive company data at risk.
It is of course important for companies to continue to prevent outside threats effecting their systems. But the data shows that organizations should put just as much effort into protecting against breaches stemming from human error. And while you can’t always prevent someone from making mistakes, there are some steps employers can take to help prevent it.
Of course, it is important to provide proper training for employees at every level of the organizations. But in addition to this, making cybersecurity a key part of the overall business culture can go a long way towards reducing accidental disclosures. The report by Opinion Matters shows that 60% of insider breaches stem from employees rushing and making mistakes. It’s therefore essential for businesses leadership to help employees understand the importance of protecting company data.
