Back to blog

A Black Eye Before Black Friday

November 20, 2018
Employee data continues to be a leading target for criminals and 60% of attacks are carried out by insiders. Despite this startling statistic, 61% of organizations don’t monitor privileged users more closely than regular users. And as retailers are gearing up this holiday season for massive profits, so is the inside threat. The latest target is Nordstrom where it was just announced that employee names, Social Security numbers, birth dates, bank account numbers, salaries and other information was breached by a contractor. Customer data was not affected in the breach that took place on October 9th and there has been no evidence that the information has been used inappropriately yet. Authorities are investigating and the vulnerabilities that led to the breach have been closed. Nordstrom immediately notified its employees about the breach and has been commended for its transparency. It also just happened at the Chicago Public Schools (CPS) where a fired employee allegedly stole the personal information of approximately 70,000 in the CPS database. This included personal information about employees, volunteers and others, including names, employee ID numbers, phone numbers, addresses, birth dates, criminal histories and other records. After copying the information, the former employee then allegedly deleted the database off of CPS’s systems. Whether data is exposed inadvertently or part of a malicious breach, the inside threat is real. Often times, companies have a difficult time determining if a worker is doing their job or accessing information in a malicious manner. The lack of Audit trails makes it especially difficult to uncover the inside threat in HR systems. But now there is a way for you to secure your HR data by taking advantage of the same firefighting capabilities that you use with SAP ERP. Pathlock ResQ for SuccessFactors monitors for high-risk activities and provides a complete audit trail. Click here to view the 30 minute on-demand webinar: Firefighting for SuccessFactors and other Cloud Applications: What You Need to Know.