The data breach suffered by the British National Party is a low-tech incident against which there is little defence. See http://news.bbc.co.uk/1/hi/uk/7736794.stm.
I have no personal sympathy for the BNP – and their politics are not for comment on this blog – but the incident is a good example of the impact that a disgruntled insider with access to confidential data can have.
It’s similar to a recent case that came my way where a former company employee, shortly after leaving his organisation, anonymously sent an email to senior management containing an alleged exposé of poor management practices within his business unit. A real case of sour grapes that fortunately had little impact other than to create some mischief.
While it’s possible to restrict an individuals access to the office and network once they have resigned or been fired, it’s not always easy to know what grudges may be held or what information or documentation might already have been removed. The insider threat, as the BNP have now discovered, remains a potent one.