Employee steals company’s entire customer base

by HCA20 Apr 2017
The online fashion retailer Black Swallow has been ordered to pay its competitor Showpo $60,000 following settlement of a data breach dispute.

Twenty-four-year-old graphic designer Melissa Aroutunian allegedly copied the details of 306,000 Showpo customers when she resigned and passed the data on to her new employer, Black Swallow.

Both parties have been ordered to pay their own legal costs, and Aroutunian has been banned from using or disclosing the contact list of Showpo.

After Aroutunian allegedly passed the customer database on to Black Swallow they began sending promotional emails to the contacts.

The list included contact information of customers, contacts, buyers, suppliers, associates, competition entrants, web users and subscribers.

However, there was no credit card or financial information among the stolen information.

Black Swallow chief executive Alex Baro claimed he did not offer Aroutunian payment in return for copying the client list.

What HR can do

In order to combat the threat of employees stealing information, HR really needs to work closely with their IT teams, said Lynne Lewis, partner, intellectual property at law firm Minter Ellison.

“HR must work with the IT teams to get good tracking and lockdown technology in place ahead of time,” she said.
 
“If I’m running a case, I want to be able to show that the night before someone actually departed or the night before they handed in their resignation, a USB key was inserted into their work computer and that XYZ was copied over onto that.”

HR teams also need exceptional internal communication in place whenever an employee resigns, added Lewis.
 
“I’ve seen many circumstances where the information doesn’t necessarily get told to the correct people who might notice that something unusual is happening with people’s access to premises or documents during that period of time,” she said.
 
“Had they known that person had resigned then they might have actually spoken up about seeing some strange things happening.”

About 14% of data breaches are conducted by disgruntled ex-employees, according to Deloitte.

Moreover, Carnegie Mellon University found that 70% of insiders who stole intellectual property from an employer did so within 60 days of their termination.

Related stories:

How HR professionals can effectively counter ‘insider threats’

Why cyber security is HR's business

Data sovereignty: Are you covered?

COMMENTS

Most Read