Good morning and welcome to IT Security Guru news.
New Hampshire’s attorney general has today been notified of a breach at TD Bank. Reports indicate that an employee took personal data from the bank’s database and shared it with a third party, which has yet to be named.
In the report given to the attorney general, TD bank’s head of US privacy and Social media compliance said that the personal information they obtained may have included names, addresses and account numbers, as well as some data on secondary signers and beneficiaries.
This is the latest report filed by the bank, having made dozens of similar reports over the last few years. This should serve as a reminder for organisations that the insider threat is potentially the hardest attack vector to predict an attack coming from, since any employee or contractor may be the compromising link in the chain, not to mention the myriad of other ways the insider threat can manifest itself.
Our advice is to protect your files and intellectual property as best you can and monitor the activity on your network so you can identify suspicious behaviour, while keeping track of the personal factors that can motivate individuals to act against the organisation.
For more information on this story and others visit IT Security Guru dot org.