A Sage employee has been arrested following a data breach which may have exposed information belonging to hundreds of business customers.
As reported by the BBC, the unnamed 32-year-old female was arrested on Wednesday at Heathrow Airport in connection to a recent fraud investigation.
This week, Sage, a provider of accounting and business software for companies worldwide, admitted to a data breach caused by someone accessing internal systems with employee credentials rather than an external cyberattacker.
The company has not yet disclosed whether information belonging to business clients has been leaked, sold or otherwise compromised, and it is not yet known what specific data may be at risk. However, Sage stores a range of information on clients — including names, addresses, and financial data — which would be valuable to identity thieves and attackers looking to clean out bank accounts fraudulently.
Sage has notified customers involved in the data leak and law enforcement is investigating. The arrested employee has since been bailed.
It is believed that between 200 and 300 UK businesses may be involved in the breach.
In a statement, the Newcastle-based firm said:
“Our customers are always our first priority so we are communicating directly with those who may be affected and giving guidance on measures they can take to protect their security. Please note this issue does not affect any customers in other countries.”
Cyberattacks are on the rise, and now, businesses not only have to deal with the threat of external attackers but insider threats. According to IBM’s X-Force security team, 55 percent of all corporate cyberattacks are either caused by malicious employees or through accidental, human error on the inside.