New Report Shows Employees at Large Organization Send Over 130 Emails Every Week to the Wrong Person

• The report also reveals that workers are sending company data to unauthorized or personal email accounts nearly 200,000 times a year.
• The UK ICO has made it clear that failure to implement appropriate organizational and technical measurements to protect data will result in significant penalties.

‘Human error’ is one of the prominent factors for data breaches at organizations. A new report from Tessian has revealed that large organizations unknowingly fall victim to data breaches after one of their employees mistakenly sends sensitive data to unauthorized or third-party sources.

What does the report say?

Tessian has highlighted that employees at large organizations send over 130 emails a week to the wrong person and this can put the firms at risk. Apart from this, it has also found that workers are also sending company data to unauthorized or personal email accounts nearly 200,000 times a year.

What are misdirected emails?

Misdirected emails occur when emails are accidentally sent to the wrong person. This can result in dire consequences if the unauthorized recipients will use it for fraudulent activities. Organizations can also experience serious repercussions if the email exposes personal and corporate data.

“These mistakes could see your data falling into the wrong hands and your company facing the regulator’s wrath under GDPR,” said Tessian CEO, Tim Sadler, InfoSecurity reported.

More facts on misdirected emails

According to the latest figures from the Information Commissioner’s Office (ICO), in 2019, UK organizations had reported 1,357 data breaches that were caused by people emailing the incorrect recipients. This is a 300% increase in misdirected emails over the last two years.

Bottom line

The ICO has made it clear that failure to implement appropriate organizational and technical measurements to protect data will result in significant penalties. With so much at stake, businesses need to consider whether their company data is properly protected from incidents of human error.