Sage data breach highlights the risk of the insider threat

A Sage employee has been arrested at Heathrow Airport in relation to a data breach against the Newcastle-headquartered software giant which took place earlier this week. However, Sage, a supplier of accounting and payroll software, began notifying customers about the breach last week.

Someone with an internal login accessed the information, and apparently did a sloppy job of covering her tracks.

The arrest was confirmed by City of London Police this morning, which said that the suspect, a 32-year-old woman, has been bailed.

The police statement said she was a current Sage employee but provided no further details.

It is believed that between 200 and 300 United Kingdom businesses may be involved in the breach.

The arrest comes days after Sage admitted that it had suffered a data breach affecting up to 300 business customers.

“We can not comment further whilst we work with the authorities to investigate – but our customers remain our first priority and we are speaking directly with those affected”. However, Sage stores a range of information on clients – including names, addresses, and financial data – which would be valuable to identity thieves and attackers looking to clean out bank accounts fraudulently.

Shares in Sage-which has roughly six million customers worldwide-dipped more than four percent on Monday morning, after it revealed that a breach had occurred at the company.