Posts Tagged ‘insiders’

The Money Times wrote about another inside information case, but rather different this time.

A Walt Disney Co. administrative assistant and her boyfriend were caught trying to sell inside information regarding the company’s earnings. Both of them were arrested Wednesday morning in Los Angeles.

Walt Disney Co.’s head of corporate communications, Zenia Mucha’s assistant Bonnie Hoxie and her boyfriend Yonni Sebbag plotted to sell confidential Disney information to investment companies. The duo sent out mails to about 33 companies, including hedge funds, offering to share Disney’s quarterly earnings report with them in exchange of money.

Releasing Disney’s confidential information

“Hi, I have access to Disney’s (DIS) quarterly earnings report before its release on 05/03/10,” read the letter, sent Mar 5. “I am willing to share this information for a fee that we can determine later.”

The United States attorney for the Southern District of New York has charged the two with conspiracy and wire fraud. Hoxie, 33, and Sebbag, 29, could face up to 25 years in prison and a $250,000 fine, if convicted on all charges.

A federal judge released Hoxie on a $50,000 bond but ordered that Sebbag must be held as a potential flight risk. The U.S. Securities and Exchange Commission has also sued the two.

Read the whole story >

Chris Sullivan writes an article in SC Magazine about various types of insider fraud as a threat to companies.

High-profile data breaches and compliance incidents – such as the recent rogue trading scandal at Societe Generale in France – have given a second meaning to ROI: “Risk of Insiders.” Is this happening to you? It almost certainly is.

Although most insider fraud either is not discovered or it’s not reported, a recent Ernst & Young security survey indicates that U.S.-based organizations lose about six percent of their annual revenues to insider fraud. For the smallest of last year’s Fortune 1,000 companies, that’s $100,000,000. No wonder SANS Institute listed insider threats near the top of its annual list of cyber menaces facing the enterprise in 2008.

Our studies and experience shows similar issues in Nordic countries. Several companies have not established a functional access control systems and procedures, this includes access to various shared files, information systems, sensitive information etc.

As daily business is evolving, every business unit is working for its own goals, there is no central position in the company having control over various business units, projects, shared files, software applications. So if an employee (insider) leaves a company, there is hardly anyone aware of the “full” access and information this person had.

Start from mapping current systems, information flows and access patterns. If you have an understanding of what is going on, then it’s time to start developing controls and improving processes.