The latest high-profile data breach at Sage has highlighted the importance of organizations investing in high-quality cybersecurity programs to keep them safe from internal threats.
The FTSE 100 company announced on Facebook that its system had been compromised, with unauthorized access occurring through the use of “an internal login”.
While it is still unclear as to how exactly this unfolded, it has drawn attention to internal weaknesses that exist in organizations, big and small.
Sage stated on the social network that a “small number of [its] UK customers” have been affected by this incident.
However, various news outlets like the Guardian and the BBC suggest that approximately 280 businesses have been caught up in this high-profile data breach.
“We are investigating unauthorized access to customer information using an internal login,” Sage said in a statement.
“We cannot comment further whilst we work with the authorities to investigate but our customers remain our first priority and we are speaking directly with those affected.”
How damaging this will be from a brand point of view is speculative, but already the accounting and payroll software company has experienced financial repercussions.
On Monday morning (August 15th), investors responded swiftly and negatively to news of the data breach – in early trading, Sage was the biggest faller on the FTSE 100.
The Information Commissioner’s Office in the UK will now look at whether Sage is partly at fault for the unauthorized access.
If this is found to be the case, it has the power to mete out appropriate punishment. This includes criminal prosecution and/or an audit.