Major management and accounting software developer Sage is investigating a data breach concerning up to 300 UK businesses.
The software company was founded in 1981 and now has more than 13,000 employees worldwide. The breach has already impacted their share prices, which fell 3.9% in the first hour of trading on Monday. Sage are the only technology stock remaining on the FTSE 100, with an annual turnover of £1.3Bn
Sage were alerted of the breach and are now investigating an “unauthorised access to customer information using an internal login”.
The Information Commissioners Office (ICO) will more than likely be involved in the investigation given the nature of the breach, involving such a high profile company who provide services in over 23 countries around the World. the ICO “requires organisations to have appropriate measures in place to keep people’s personal data secure”. They added, “where there’s a suggestion that hasn’t happened, the ICO can investigate, and enforce in necessary”
Sage have stated the data breach may have compromised the personal details and bank accounts for employees, affecting between 200 and 300 businesses. They have contacted at least 200 business they know to be affected by the incident but more may arise upon further investigation.
If found negligent, the ICO could take action including criminal prosecution, non-criminal prosecution or undertaking an audit at the firm.
Data protection has been a hot topic in the UK after the high profile data breach at TalkTalk in October 2015 which affected 156,000 customers. the company’s share price dropped by 10% following the incident, which it is still recovering from. The ICO can only impose penalties of up to £500,000 but the data breach will cost the business far more than that in customer compensation and future sales – one report claims it will cost them up to £35 million.
Fines from governing authorities such as the ICO are not the only punishment from a data breach – TalkTalk’s annual report shows they lost around 100,000 customers, 95,000 of which stated the data breach was the reason they left.