Data Loss Prevention, Insider Risk

Ex-UBS Employee Suspected of Data Theft Becomes a Fugitive

By Veriato Team

A former UBS employee, known as “Rene S.” is suspected of commercial espionage, believed to have stolen account and financial details on more than 200 UBS clients back in 2010 and selling the data to German tax officials for $1.3 million. According to Bloomberg, the accused has gone missing.

What’s most fascinating about this story is the lack of detail it appears UBS has to conclusively identify “Rene S.” as the threat actor. Let’s look at how UBS knows it was Rene S.

If it was your organization, you’d like to know based on logged user activity data from the application hosting the data stolen, right.? In the case of UBS, it was mere deduction; according to UBS human resources, the bank identified Rene as the perpetrator through a process of elimination based on who had access to all systems involved.

The problem with this method is it doesn’t conclusively prove which person is responsible – sure, Rene’s user account has all the access necessary, but that doesn’t mean he did it. In fact, another UBS employee asserted that it was actually a computer technician that stole the data.

While we’re not sure how this trial will end up (particularly if the accused doesn’t show up), but we do know one thing – employers need conclusive evidence that will stand up in court when it comes to data theft.

Organizations with data sensitive enough to take someone to court should it be stolen need to have an unalterable audit trail that provides a clear picture of who performed the act, what actions were taken, and provide activity detail before and after the data theft (e.g., communications with, in UBS’ case, the German tax authorities, or the transferring of files via webmail, file sharing, etc.). Those organizations leveraging Employee Monitoring Software have visibility into all aspects of a user’s interaction with the network, systems, applications, and data. With playback of screen recordings, demonstrating what transpired makes cases like UBS’ open and shut.

Insider Risk – How Prepared Are You?

Not every company is equally prepared to deal with insider risk. This report outlines the four stages of insider risk maturity and explores how to improve your insider risk preparedness.

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Productivity & Insider Risk Resources

Work From Home, Quiet Quitting, and How Insider Risk Has Changed

Work From Home, Quiet Quitting, and How Insider Risk Has Changed

March 2023 marks approximately three years since the world shut down at the beginning of the Covid-19 pandemic. Since then, organizations have seen their workforce change considerably. What was originally a short term plan to work from home has become ingrained in our...

Focusing On Productivity Helps Reduce Insider Risk

Focusing On Productivity Helps Reduce Insider Risk

Many companies are concerned by the uptick in insider risk that’s come with the work-from-home boom. By one estimate,  58% of office workers work from home at least one day a week. This trend creates blind spots for companies. Managers see their employees less often,...

Elizabeth Harz RSAC 2023 Interview

Elizabeth Harz RSAC 2023 Interview

Elizabeth Harz, CEO of Veriato, gave an interview to ISMG at this year's RSA Conference in San Francisco. In it, Elizabeth covers the challenges of maintaining data security in the remote or hybrid workforce environment and the rising cost of data breaches. She also...