Skip to main content

Employees are sending hundreds of emails to the wrong people

(Image credit: Image Credit: Evannovostro / Shutterstock)

Data breaches are most often the result of simple human error, according to a new report from Tessian.

The leading cause of online data breaches last year was employees misspelling an email address and sending sensitive information to the wrong contact. In 2019, a total of 1,357 data breaches came about as a result of email misfire, up from 447 in 2017.

Tim Sadler, CEO at Tessian, says, “Everyone has an email blunder story. After all, the average worker spends over a third of their working-week on email, so mistakes are bound to happen. But we’re seeing serious repercussions beyond just embarrassment over CC’ing the wrong person – more people are exposing personal and corporate data. These mistakes could see your data falling into the wrong hands and your company facing the regulator’s wrath under GDPR.”

Another common problem facing businesses is employees sending company data to unauthorised or personal email accounts. Workers at large enterprises did just that almost 200,000 times last year, while SMBs saw 5,000 instances in the same period.

“Human error is the leading cause of breaches, because people make mistakes and break the rules. In many cases, people may not even realise they’re doing anything wrong. If businesses want to keep their data safe, they need to start at the human level and create a people-centric approach to cybersecurity that focuses on educating and protecting their employees,” said Sadler.