More Than 90% Of Companies Regularly Expose Employee And Customer Data

Some 91% of companies exposed credit-card numbers, and 82% exposed employee Social Security numbers, according to a recent study.
Employee and customer data is exposed, and potentially within the reach of hackers, at a whopping 91 percent of companies monitored by a security firm.

According to the second monthly Insider Threat Index generated by Reconnex, a Mountain View, Calif.-based enterprise risk management vendor, 91 percent of the companies undergoing assessment in July exposed credit card numbers, and 82 percent exposed employee Social Security numbers.

"The origin of the vast majority of these disclosures stemmed from human resources departments," said Reconnex's July index report. "[These departments] often accidentally exposed employees' personal information when they communicate with partners in health insurance, payroll, workers compensation, and other third-party processors."

In other cases, claimed Reconnex, employees are exposing data by sending files using Web e-mail services such as Hotmail and Yahoo Mail.

"We are seeing evidence of a growing trend regarding the distribution of sensitive data via Webmail," said the index's report. "Because so many corporations are setting size limits on files attached to e-mails, employees' only recourse is to send large, sensitive files using their own personal Webmail accounts."

The July index report can be downloaded as a PDF from Reconnex's Web site.

Editor's Choice
James M. Connolly, Contributing Editor and Writer
Carrie Pallardy, Contributing Reporter
Roger Burkhardt, Capital Markets Chief Technology Officer, Broadridge Financial Solutions
Shane Snider, Senior Writer, InformationWeek
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
John Edwards, Technology Journalist & Author