We talk a lot about the kind of damage that hackers can do if they manage to infiltrate a company’s network. We talk about the havoc that someone could wreak if he stole or found a laptop with company information on it. But we often gloss over or completely neglect to mention the devastation that an unscrupulous or disgruntled employee can cause. Sadly, that’s a mistake that employers live to regret every day.
Department of Health and Human Services employee Christopher Lykes was arrested and, according to WMBF News, charged with “five counts of Medically Indigent Act confidentiality violations and one count of disclosure of confidential information,” for accessing and then emailing to his own Yahoo! email address the personal information of more than 228,000 South Carolina Medicaid recipients. The information that DHHS entrusted to Lykes contained the Medicaid recipients’ names, addresses and Social Security numbers.
No one knows where Lykes sent the information, why he wanted it or what he intended to do with it, all things that DHHS and the State Law Enforcement Division (SLED) are trying to find out. SLED has confiscated Lykes’ company and personal computers, including a laptop, as part of its investigation.
A hole in DHHS’ security system that allowed employees to gain access to sensitive information without having to justify why they needed access to it has since been closed, DHHS director Tony Keck told WMBF.
Incidents like the one involving Sykes serve as excellent examples of why companies need strict email monitoring policies and security measures that prevent employees from emailing, copying to a USB device, or even printing or downloading to their desktops or laptops, sensitive company or client information.
No one likes to feel distrustful of others. Unfortunately, not everyone is honest and trustworthy. So, those business leaders who are truly committed to the success of their businesses will heed the aforementioned cautionary tale and make haste to start plugging the holes in their own security systems.