I remember attending a conference several years ago and the guest speaker shared a story, saying she was convinced someone had tapped her brain. She told the audience about how she thought of an invention — she said it was a pure stroke of genius — and she was confident that no one had ever thought of her idea. And then out of nowhere, she saw an advertisement for a similar product. She continued her story with a chuckle and repeated her notion that someone had tapped her brain and stole her idea.
As I listened to the guest speaker share her story, I couldn’t help but think of a similar fraud case involving a breach in sensitive data.
It involved a company which specialized in medical devices and products. As the case unfolded, patients shared their experiences with investigators and remarked how they often wondered how this company knew so much about them. How were they able to pitch their products so well? It’s as if their brains, too, had been tapped.
It turned out that the company in question (mostly filled of fraudsters) often traveled to conferences, pitching their products and sharing their success stories. This company actively looked for individuals at the conferences that had access to sensitive information but also had a low moral compass. In short, they were looking for people to conspire with. They identified their conspirators by asking many questions and picked out the folks that had loose tongues and divulged a little too much information – they called them “the squeaky wheels”. They knew that they could get these folks to talk more by offering cash and gifts. They would lure these individuals to share more and discuss business matters over dinner, and once they were able to get these individuals to conspire, they would devise a plan by simply asking the employee to gain access to their company’s database, download that information and deliver it to them for cash and gifts.
This is a perfect time for me to remind folks about the importance of having strong internal controls. Managers, this is the perfect time to discuss non-disclosures and systems access with your staff, to ensure that we are good stewards of sensitive information.