Most companies rely on e-mail as the primary means of communication even when it comes to sharing classified information like customer account numbers, employee credentials, and confidential negotiations. A new report from the security firm, Tessian revealed that large organizations inadvertently suffer data breaches if one of their employees unintentionally sends sensitive data to an unauthorized recipient via email.
The report also highlighted that employees mistakenly send over 130 emails per week to wrong recipients, leaving the data security at risk. Tessian claims that workers sending company’s sensitive data to unauthorized/personal email accounts to over 200,000 times per year.
“Misdirected emails – emails accidentally sent to the wrong person – are particularly dangerous. Beyond just embarrassment over cc’ing the wrong person, for example, we are seeing serious repercussions as more people expose personal and corporate data. Simply misspelling a name can result in sensitive data or company secrets falling into the wrong hands and your company facing a regulator’s wrath,” the report stated.
Recently, a similar survey, “Current Status of Data Privacy Compliance”, from Email security provider Egress revealed that 44 percent of employees admit that they’ve mistakenly exposed personally identifiable information (PII) or business-sensitive information using their corporate email accounts. Over 70 percent of respondents experienced this type of breach during the last five years, with half of these incidents occurring in the previous 12 months.
The survey also highlighted that accidental internal breaches are rising. Based on the responses from 500 IT security decision-makers in the U.S., accidental employee breaches are ranked as one of the top three security concerns (46 percent), behind external hacks (55 percent), and malware attacks (53 percent).
To conclude, it is time companies realize that all communications made via emails may not be as private as they think. A single negligent employee’s action may break the safety and security of the organization.