Accounting software outfit Sage Group has been hit by a data breach affecting between 200 and 300 of its customers.
The company told Reuters the breach was a misuse of an employee login. This post by Richard De Vere at “The AntiSocial Engineer” claims an employee was behind the breach.
Sage says it doesn't know how much data leaked, if any, or if whoever logged in just had a look around.
De Vere's post says most customers were notified with a phone call, warning them to watch out for suspicious activity on their accounts.
The breach may have let attackers get access to employee information from Sage's customers, including bank account details and salary information, according to the Financial Times.
The company has been moving its business from license sales to subscriptions and the cloud, with only moderate success in the latter.
Sage isn't clear exactly when the breach happened, beyond saying it was in “the last few weeks”. It's called in the police and the UK's Information Commissioner's Office which enforces the Data Protection Act. ®