Where Companies Leak

Another casualty of the recession is data security, as a growing number of departing employees walk off with their former employers’ data.


How exactly do job applicants’ personal data manage to leak out of large, venerable companies?

In many ways, it turns out. At Aetna, the large U.S. insurer being sued for allegedly failing to protect personal data, the hole was in a job-application Web site. At The Gap, where the personal information of 800,000 job applicants was exposed in 2007, the problem was blamed on a third-party contractor that allegedly failed to encrypt the data on a personal laptop that was later stolen.

Of increasing concern in this dark economy is a third channel for data loss: files removed by employees who leave after layoffs or in pursuit of better opportunities.

A recent study from Ponemon Institute LLC, 59 percent of employees who quit or are asked to leave, walk out the door with company data. Of those respondents who left with company data, 79 percent admit they took the data without permission from their former employers.

The study, ” Data Loss Risks During Downsizing,” sponsored by Symantec, polled 945 U.S. workers in January who left an employer within the preceding 12 months. All the people surveyed had access to a desktop or laptop computer for their jobs, and they all had access to proprietary information including customer data, contact lists, employee records, financial reports, confidential business documents, software tools and their employer’s intellectual property.