![]() ![]() While you may never get taken for $1 million, by implementing some data access controls you’re reducing the chances you’ll get taken for a ride. At a minimum, we recommend that our clients have a shared folder that all can access, and another shared folder that only the owner/management can access. It’s important to think through your data and limit employee access to just what those folks need to do their jobs. But what are you doing to limit employee access to things they really shouldn’t see - like HR/payroll data, financials, tax records, and other business documents? Let’s face it, there are some things that only the owner (and maybe the office manager/finance person) should have access to. It’s a similar breach to how Twitter was hacked in July 2020. Now what does this have to do with your company’s data? A lot! As a small/micro business, it’s really tempting to set up your server (or Dropbox, etc) where everyone has access to everything. Robinhood instead notified law enforcement and security firm Mandiant to investigate the breach. But the more I thought about this, the more I settled on one question - why weren’t there limits on the dollar value of a return that an employee can process without management approval? Why did Kroger's systems even allow him to process a return for such a high dollar amount? If Kroger’s systems had such limits where any return over $500 (for argument’s sake) required management approval this scam might possibly have drug out longer, but would almost certainly not have hit such a high dollar value. An $87,000 return! From a Kroger! Eventually he was caught, of course. Then he decided to go real big and processed returns up to $87,000. But as he seemed to get away with it, his returns got bigger. Like most crimes of this sort, it’s said he started small - something around $10. How he was able to do this is a great illustration of why limiting access to your company’s data is so important.Īccording to news reports, this person processed returns for non-existent items and credited the returns back to a credit card. This was a teenager working behind the customer service counter. This wasn’t even a corporate employee, mind you. Accellion notified Kroger that an unauthorized person gained access to certain. 12:57 PM 0 Supermarket giant Kroger has suffered a data breach after a service used to transfer files securely was hacked, and threat actors stole files. This information included names, Social Security numbers, birth dates, insurance information, medical history, and more. You may have heard in the news recently about a Kroger employee in Metro Atlanta who was able to scam the company out of nearly a million dollars. Reports noted that in December 2020 a zero-day security vulnerability was. Kroger announced the December 2020 breach in February 2021, saying an unauthorized user had accessed the personal information of Kroger pharmacy and money services customers, as well as that of current and former employees. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |