“Great resignation” sparks concern over insider data leaks

According to new research, there is a direct correlation between resignations, departing employees, and data exposure through theft and leaks.

Mark Wojtasiak, vice president of Portfolio Marketing at cyber security company Code42, said that in an analysis of data-exposure telemetry from devices using the company’s software, data was leaving organizations at the same time as employees were handling in letters of resignation.

“Our analysis shows a direct correlation between resignations, departing employees, and exposure events. Turns out, when people leave, so do source code, patent applications, and customer lists,” he said.

The company looked at data from over 700,000 endpoints running Code42’s Incydr software between January 1 and June 30, 2021. The research found that not only was there an 40% increase in data exposure events between H2 2020 and H1 2021, but there was also a 61% increase quarter-over-quarter within the first half of 2021.

The three-month period between April and June 2021 saw 61% more exposure events than the previous quarter and accounts for 86% of all exposure events (across all vectors) experienced by organizations throughout the previous half (July through December 2020). Data exposure peaked at the same time the US experienced a massive shift in employment.

The research also found that source code exposure has increased three times over the past year. During Q2 2021, source code accounted for 11% of all data exposure events. Plus, Q2 2021 accounted for 47% of all source code exposed within the past year, confirming the ties between massive job shifts and valuable, sensitive information exposure.

Removable media, primarily UBSs, represented the most widely used exposure vector. Removable media accounted for 42% of all exposure events, making it the top single exfiltration vector. The second-highest single exfiltration vectors were cloud sync agents at 37%.

The data also revealed that Google Chrome accounted for 52% of all application exposure not tied to a cloud sync agent or removable media. Wojtasiak said that rather than indicating that Google Chrome is particularly problematic — it instead denotes its dominant market share within professional environments.

“Our analysis illustrates that many of these employees will likely take data with them to their next company,” said Wojtasiak. “When data falls into the wrong hands, it’s devastating to a company’s competitive position and jeopardizes the financial, reputational, or operational well-being of a company, its employees, customers, and partners.”