We’ve all heard of the Great Resignation, a pandemic-driven shift in people’s work preferences. But new research from Cyberhaven suggests that this has gone hand-in-hand with a huge stealing of data.
Based on anonymized details from over 1.4 million workers and spanning 360,000 data exfiltration incidents and a broad sample of companies, including 11 percent of the Fortune 100, it reveals data ranging from customer information to software source code being exfiltrated in large volumes.
The findings show that nearly one in ten employees (9.4 percent) will exfiltrate data over a six-month period, and they’re much more likely to take sensitive information in the two weeks before they resign (an 83.1 percent increase in incidents compared to the baseline).
The top one percent of most prolific employee ‘super stealers’ are responsible for 7.7 percent of incidents, and the top 10 percent are responsible for 34.9 percent. Customer data is the most commonly stolen (44.6 percent of incidents), followed by source code (13.8 percent). Personal cloud storage accounts — especially Dropbox — are the most common method used to take data (27.5 percent of incidents), followed by personal email (18.7 percent).
Cameron Coles, head of product marketing at Cyberhaven, writes on the company’s blog, “The risk of employees taking data has never been higher: 47 million Americans quit their jobs in 2021 and 40 percent say they’re considering quitting. This is a side effect of The Great Resignation that’s rarely discussed: The likelihood that workers are taking critical business IP with them. We discovered that exfiltration incidents spike in the two-week window before employees give notice. During this time, the employee knows they’re going to leave but their employer doesn’t, so they’re less likely to be monitored.”
You can read more and get the full report on the Cyberhaven blog.
Photo credit: scyther5 / Shutterstock