23 October 2014

www.e-crypt.com

Simon Bower - www.e-crypt.com

6 | posts 20,071 | views 0 | comments

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...

RANCOUR AND 10M EURO BILL FOLLOWS UBS EMAIL ERROR

23 November 2010  |  4693 views  |  0

Ever clicked send on an email, and instantly regretted it? I think we’ve all been there – but perhaps not to the scale of one UBS employee this week, where a small error has created some rather significant repercussions.

Yes, this is the story of a UBS employee who inadvertently sent an email containing financial details of the then client General Motors’ to more than 100 people. Whoops!

GM have now pulled the plug on the deal – widely regarded as one of the largest currently in the market in an action that could end up costing the Swiss bank $10 million!

Now that’s what I call an own goal – and what a blow this is for the investment and wealth management bank’s reputation.

GM exposed the leak. So it’s safe to assume that once again the source of the data loss – UBS in this case – had no knowledge of the loss until a 3rd party mentioned it. This happens worryingly often. Not only are we losing data, but we aren’t aware when and where it’s gone!

Nick Lowe, head of Check Point’s Western Europe sales division commented: ‘We’ve all made this type of mistake at some point, either by choosing the wrong auto-fill email address, or selecting the wrong email distribution group.’

If we’ve all experienced this in the past, why aren’t we learning from our mistakes – especially with such important information? Yes it’s an accident, but GM has taken no sympathy in dropping UBS as chief underwriter – avoidable mistakes just do not wash with clients, particularly those spending these sorts of figures, and rightly so!

My sympathies go out to what many of you may believe to be the villain in this sorry episode – the ‘sender’. Such an easy to make error, may just have cost him his career. Why – because of UBS lazy and frankly inexcusable approach to client data security.

Where are company policies, protecting information of this nature, and their staff for that matter? A simple mistake caused by a lack of proper safeguards has resulted in one employees being the unfortunate, yet convenient fall guy for UBS.

Until all of us, not just UBS start properly protecting the data of ourselves, as well as clients – accidents and mistakes will happen. That's just a fact of life. Email compliance is not difficult to implement, yet 65% of all data leaks still occur by email, the majority of which are easily preventable.

$10 million loss of business, reputation dragged through the mud, I'm sure UBS will start taking email compliance seriously – does it really have to come to this before we will all sit up and take notice?

I will be interested to see if the Information Commissioner or the FSA have anything to say about this in the coming months.

TagsSecurityRisk & regulation

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Latest posts from Simon

'PROTECT OUR DATA OR BE FINED' STATES THE UK CONSUMER!

06 December 2010  |  3153 views  |  1  |  Recommends 0 TagsSecurityRisk & regulationGroupInformation Security

RANCOUR AND 10M EURO BILL FOLLOWS UBS EMAIL ERROR

23 November 2010  |  4693 views  |  0  |  Recommends 0 TagsSecurityRisk & regulationGroupInformation Security

ANOTHER WEEK GONE. ANOTHER DATA DISASTER AVERTED!

08 November 2010  |  2692 views  |  0  |  Recommends 0 TagsSecurityRisk & regulation

DATA BREACHES: THE 5 MOST IMPORTANT THINGS YOU NEED TO KNOW!

02 November 2010  |  1920 views  |  0  |  Recommends 0 TagsSecurityRisk & regulation

DATA THEFT NOW THE BIGGEST CAUSE OF LOSSES: A WORRYING SIGN?

25 October 2010  |  3628 views  |  0  |  Recommends 0 TagsSecurityRisk & regulation
name

Simon Bower

job title

Product Manager

company name

www.e-crypt.com

member since

2010

location

Burton-upon-Trent

Summary profile See full profile »

Simon's expertise

What Simon reads
Simon writes about
Simon's blog archive
2010 (6)

Who is commenting on Simon's posts