Internal data breaches are a real threat.

6 real-world examples of internal data breaches

Organizations tend to place a great deal of emphasis on protecting their data from external threats. And rightfully so. The threats out there are malicious and seem to be never-ending.

While this might be the case, however, that doesn’t mean you can’t be attacked from the inside.

In fact, in many cases, the real danger comes from internal threats. And here are 6 real-world examples to prove it.

Clarksons gets ransomware.

This UK-based shipbroker found itself in a bad position when it was compromised by an internal user account. The bad actor used this account to load ransomware onto Clarksons’ systems and then threatened to release sensitive data if they didn’t receive payment.

The organization responded quickly to the threat and removed that user account’s access. But since they refused to pay the attacker, they were forced to notify relevant parties that the stolen data might be released.

Related: The Definitive Guide – How to keep your business data alive

Deloitte lacks control.

In many cases, failure to adhere to cybersecurity best practices can result in major data breaches. Big four accounting firm, Deloitte, found this out the hard way back in 2017 when an unknown actor gained access to the company’s global mail server.

The attackers ended up with administrator access because two-factor authentication was not implemented on the email server’s user accounts. This meant that email communications and other restricted information was visible, which led to several of the organization’s blue-chip clients having compromised data.

Google gets played.

Anthony Levandowski is the developer of lidar, a technology that forms the foundation of autonomous car projects. He originally started out with Google’s self-driving car team but left the company to create his own business.

However, only two months later, Uber purchased his company. Around that time, Google discovered that Anthony had downloaded project files with the intent of selling them to Uber. A legal battle between Google and Uber began, which eventually settled in Google’s favor.

It’s important to pay close attention to employees who are getting ready to leave the company. They may have plans to take trade secrets and documents with them, especially if they’re leaving for a competitor or starting their own company in the same market.

Related: Adventures in data loss – strategies, statistics, and stories of disaster

AMSC loses it all.

Another employee who decided to bring intellectual property and company data with him when he jumped ship was Dejan Karabasevic.

As a member of the team that worked on AMSC’s software (an American-based turbine company), Dejan brought along trade secrets with him to his new employer, Sinovel (AMSC’s direct competitor). The losses associated with this move may exceed $1 billion, with $800 million of it related to the cost of the software alone — a cost that nearly put AMSC out of business.

Target doesn’t see it coming.

Before massive data breaches were an everyday occurrence, everyone always thought about Target when hacking or data loss was mentioned. But what got Target in so much trouble was their third-party contractor who handled the HVAC systems.

The vendor’s credentials were compromised and used to access data that ran through the point of sale systems. Over 70 million people were affected by this breach.


It’s important not to overlook internal security measures when you’re trying to find ways to keep your data safe. Current employees, third-party vendors, suppliers, partners, and other internal parties can represent the biggest threat to your cybersecurity. When you’re putting together an action plan to address your vulnerabilities, keep these potential attackers in mind.