eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
By Tom Jowitt
The arrest comes just days after the British accounting software giant admitted that it was investigating a case of “unauthorized access” to customer data.
Police Arrest
Sage, of course, is one of the last remaining independent British software giants. It specializes in business software, having made its name in accounting and payroll programs.
But earlier this week, the Newcastle-based firm admitted that the personal information relating to employees at 280 U.K. businesses that are customers of Sage had been accessed. It is thought that the information included employee bank account details and salary information.
To make matters worse for the firm, it seems that the data had been accessed by someone using an “internal” login, making the arrest of a Sage employee at Heathrow highly significant.
The police began an investigation which resulted in the arrest on Wednesday of a 32-year-old female Sage employee, at Heathrow.
“On the 17 August The City of London Police arrested a 32-year-old woman on suspicion of Conspiracy to Defraud at Heathrow airport,” the City of London police told TechweekEurope in an emailed statement.
“The woman was arrested in connection with an alleged fraud against the company Sage. She has since been bailed,” the police said.
“The woman is a current employee of Sage,” the police said.
Threat Within
The arrest of the Sage employee highlights the growing threat firms now have to contend with. Not only do outside hackers present a security risk, but so do threats from within the corporate firewall.
As far back as 2014, the FBI warned companies of the security risks to their systems posed by unhappy employees and former members of staff.
The Feds advised firms to put into place user-centric identity and access management programs to help reduce the threat.
A recent IDC study found that only 12 percent of the businesses surveyed were highly concerned about threats posed by malicious insiders, with only 27 percent concerned about poor end-user security practices.