Outside attacks accounted for less than half of the cases.
In the first half of 2018, 64.5% of data leaks occurred due to the fault of the employees of the affected organizations, according to a report from the analytical center of InfoWatch, which was reviewed by RBC. Attacks by hackers caused leakage only in 35.5% of cases.
In the first half of 2018, 53.5% of the cases of leaks were those when an ordinary employee became the culprit, in 3.5% of cases – the contractor, 2.3% – the head, 1.9% – the former employee, 1.2 % – System Administrator. In the first half of 2017, external factors caused data leakage in 43.7% of cases, and internal factors – in 56.3%.
In 69% of cases, the personal data of employees and clients flow away. The share of payment information accounted for 21.3% of the leakage. Another 5.3% and 4.4% – state and commercial secrecy, respectively. Leaks through the browser and cloud storage account for 69.8%, another 11% – for paper documents, and 9.4% – for e-mail. The remaining leaks occur through messengers, removable media, mobile devices, as well as loss and theft of equipment.
InfoWatch experts believe that the reduction in the amount of data stolen by hackers is due to the increased administrative impact on the part of the state. Penalties against such companies forced their leadership to improve the level of information security, the study said.
The company believes that internal leakage has an “incommensurably greater risk” for the company, since the negative consequences from them are greater. This is due to the fact that external attacks are aimed at “homogeneous data”: information about users of the service or information about those who use the services. Due to a leak that has occurred through the fault of the personnel, any data, even the most important for the company, can be affected.