Coca-Cola is the latest company to fall victim to a data breach. Unlike some of the others that have recently made headlines, however, this one was conducted from within.
In September 2017, an employee at one of the company’s subsidiaries stole an external hard drive containing personal data belonging to more than 8,000 company employees. Law enforcement officials notified the company when the drive was confiscated, but urged them not to make a public announcement regarding the incident until their investigation had been concluded.
Coca-Cola complied with this request, which is why we’re only hearing about it now. Once the company got the green light from law enforcement, they notified all impacted personnel via a letter, which included::
“Our investigation identified documents containing certain personal information for Coca-Cola employees and other individuals that was contained in the data held by the former employee. We do not have any information to suggest that the misappropriated information was used to commit identity theft.”
As is becoming standard practice in the aftermath of such incidents, the company also announced that it would offer one free year of identity monitoring to the people impacted by the breach.
This latest announcement serves to drive home one of the main points made in a recently conducted survey, “The Global State of Information Security Survey 2018,” which concluded that insider threats are one of business’ top security concerns.
This breach is significantly smaller in both scope and scale than some of the others we’ve seen so far this year. However, the company is still suffering backlash, which has impacted both the trust of its employees and the company’s stock price. As of now, the company’s stock price is down nearly 4 percent over the last three months, with additional losses likely in the near term.