Huge Morrisons data breach due to employee with grudge, court hears

A Morrisons employee with a grudge was responsible for posting personal data of nearly 100,000 staff onto the internet, a court heard.

According to a report from the Liverpool Echo, prosecutors alleged that Andrew Skelton, 43, leaked the information after he was warned for misusing the company mailroom to send out eBay packages.
The breach cost the company more than £2m to rectify, Bradford Crown Court heard.

The data was also sent to national newspapers including the The Guardian, Trinity Mirror Newspapers, and included salaries, National Insurance numbers, dates of birth and bank account details, prosecutor Katherine Robinson told a jury.

Robinson said that the mailroom incident occurred in 2013, and defendant was subject to subsequent disciplinary action, after a package was found in the mail room at Morrisons HQ, in Bradford.
“He was allowed to continue with his employment,” Miss Robinson said.

“The prosecution case is that as a result of that disciplinary matter the defendant bore a grudge against Morrisons… which led to his offending in this case.”

Skelton denies one count of fraud by abuse of position, one of unauthorised access to data with the intent of committing an offence and one of disclosing personal data. The case continues.

As reported by welivesecurity.com recently, the average ‘low-end’ cost of a major cybersecurity breach has more than doubled from £600,000 (~$917,000) to £1.46 million (~$2.2 million) in the last year.

Companies with more than 500 employees found that the average cost of a breach went all the way up to £3.14 million (~$4.8 million). The number of large companies that were the victim of some kind of data breach also hit 90 percent – up from 81 percent, last year.

Author , ESET

Follow us

Copyright © 2016 ESET, All Rights Reserved.