The Morrisons staffer who leaked the supermarket’s 100,000 payroll database did so in revenge for disciplinary action after he was found to be using the firm’s mailroom to send and receive personal items.
According to the prosecution representing Morrisons at the Bradford Crown Court trial, IT auditor Andrew Skelton published the database after being incorrectly disciplined for receiving packages at the company’s HQ in Bradford.
The file, containing employee names, addresses, bank account numbers and national insurance numbers, was briefly posted on a website in March last year and sent to several newspapers, who alerted police and the company.
The court heard how Morrisons initially believed that one package contained drugs but it transpired that Skelton was using the mailroom to buy and sell goods on eBay.
Had the leaked data fallen into the wrong hands, it would have constituted one of the most serious data breaches in UK corporate history.
Skelton also handed in a resignation letter in the days before the incident, in which he is alleged to have written. “I have almost as little concern for the company as it does for me.”
Morrisons claims that investigating and remediating the theft cost it £2 million. The case continues.
Staffer held over Morrisons breach
Graham: I’ll only spank the bad boys
Apple acts as scammers go wild
The naked truth about online data
Apple blames customers for breach
Breaches ‘everyday occurrences’
Half of eBay users now wary
Marketers shoulder hacking costs
Cyber gang banged up for 30 years