Accounting software firm Sage has been the victim of some manner of data breach, a worrying prospect for customers who use the company's products.
Apparently, data pertaining to around 280 businesses in the UK was accessed – and possibly only accessed, as opposed to actually stolen – by someone from inside Sage (or at least, someone using an internal login at the company).
Investigation underway
A spokesperson for Sage told the BBC: "We are investigating unauthorised access to customer information using an internal login. We cannot comment further whilst we work with the authorities to investigate – but our customers remain our first priority and we are speaking directly with those affected."
Generally, data breaches are the result of an external hack, although this just goes to show that possible internal threats and potential rogue staff members should always be considered. And sometimes, the ammunition used for an external hack will have been provided by an insider, anyway.
Presumably, we'll hear more from Sage on what data might have been involved, what's happened to it, and how this incident actually unfolded in due course.
As we saw recently, MPs have recommended that the ICO should be given the power to impose a range of escalating fines on companies that suffer from data breaches, meaning continued security leaks would mean greater fiscal penalties.
Whether the ICO will find Sage at fault in this case remains to be seen.