Data Loss Prevention, Insider Risk

Ex-UBS Employee Suspected of Data Theft Becomes a Fugitive

By Veriato Team

A former UBS employee, known as “Rene S.” is suspected of commercial espionage, believed to have stolen account and financial details on more than 200 UBS clients back in 2010 and selling the data to German tax officials for $1.3 million. According to Bloomberg, the accused has gone missing.

What’s most fascinating about this story is the lack of detail it appears UBS has to conclusively identify “Rene S.” as the threat actor. Let’s look at how UBS knows it was Rene S.

If it was your organization, you’d like to know based on logged user activity data from the application hosting the data stolen, right.? In the case of UBS, it was mere deduction; according to UBS human resources, the bank identified Rene as the perpetrator through a process of elimination based on who had access to all systems involved.

The problem with this method is it doesn’t conclusively prove which person is responsible – sure, Rene’s user account has all the access necessary, but that doesn’t mean he did it. In fact, another UBS employee asserted that it was actually a computer technician that stole the data.

While we’re not sure how this trial will end up (particularly if the accused doesn’t show up), but we do know one thing – employers need conclusive evidence that will stand up in court when it comes to data theft.

Organizations with data sensitive enough to take someone to court should it be stolen need to have an unalterable audit trail that provides a clear picture of who performed the act, what actions were taken, and provide activity detail before and after the data theft (e.g., communications with, in UBS’ case, the German tax authorities, or the transferring of files via webmail, file sharing, etc.). Those organizations leveraging Employee Monitoring Software have visibility into all aspects of a user’s interaction with the network, systems, applications, and data. With playback of screen recordings, demonstrating what transpired makes cases like UBS’ open and shut.

Insider Risk – How Prepared Are You?

Not every company is equally prepared to deal with insider risk. This report outlines the four stages of insider risk maturity and explores how to improve your insider risk preparedness.

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Insider Risk & Employee Monitoring Resources

Is Employee Monitoring Software Worth The Investment?

Is Employee Monitoring Software Worth The Investment?

Key Takeaways: Employee monitoring software offers detailed insights into employee activities, enhancing productivity and bolstering data security. Choose the right software based on features, cost, integration capabilities, and scalability to align with specific...

How To Choose The Right Employee Monitoring Software

How To Choose The Right Employee Monitoring Software

Remote work is becoming increasingly common, and data breaches are a constant threat. The importance of employee monitoring software has never been more pronounced. For businesses looking to safeguard their digital assets while optimizing workforce productivity,...

UEBA: Revolutionizing Security With Advanced Analytics

UEBA: Revolutionizing Security With Advanced Analytics

Key Takeaways: Behavior-Focused Security: UEBA revolutionizes cybersecurity by analyzing user behavior patterns, providing a dynamic approach to detecting anomalies and potential threats. Flexible and Adaptable: Scalable for any organization size, UEBA integrates with...