80+ Shocking Employee Theft Statistics (2024)
Employee theft isnโt just a financial issue; it can erode trust and damage company morale. These employee theft statistics highlight the prevalence of workplace theft across key categories including data theft, time theft, fraud and embezzlement, insider threats, and retail theft.
Prevent Employee Data Theft With CurrentWare
Is your business safe against employee data theft?
Donโt wait for a disaster to strike. CurrentWare offers a comprehensive data security solution to safeguard sensitive information against insider threats.
Reach out to our team today to learn how to prevent employee data theft before itโs too late.
Further Reading:
- Cybersecurity Statistics
- Internet Usage Statistics
- Employee Monitoring Statistics
- Worst Examples of Data Theft by Employees
- Time TheftโAre Your Employees Stealing Time at Work?
- How to Prevent Data Theft by Employees
- Employee Offboarding: How to Keep Data Safe During a Termination
Top 10 Employee Theft Statistics for 2024
1) 57% of information security leaders and 51% of business decision-makers say that their colleagues have infiltrated data, which puts their current organization at risk of lawsuits and reputational damage.
Source: Data Exposure Report 2019, Code42
Over half of information security leaders and business decision-makers report colleagues infiltrating data. This highlights a significant insider threat risk, potentially leading to lawsuits and reputational damage for organizations.
2) Eight in ten (80%) cybersecurity leaders admit that departing employees take valuable IP with them when they leave.
Source: Data Exposure Report 2024, Code42
A staggering 80% of cybersecurity leaders say departing employees take valuable intellectual property. This emphasizes the need for robust data security measures and potential restrictions on employee access during departure.
3) An average of 55% of insider-driven data exposure, loss, leak, and theft events experienced in the last 12 months were intentional
Source: Data Exposure Report 2024, Code42
A concerning 55% of data breaches are intentional acts by insiders. This points to the importance of mitigating disgruntled employee situations and fostering a culture of data security awareness.
4) Approximately 2 in 3 embezzlement schemes were discovered by a fellow employee
Source: 2018 Hiscox Embezzlement Study
Two-thirds of embezzlement schemes are discovered by other employees. This highlights the importance of encouraging employees to report suspicious activity and having clear channels for reporting concerns.
5) 57% of fraud is committed by company insiders or a combination of insiders and outsiders
Source: PwCโs Global Economic Crime and Fraud Survey 2020
Over half of all fraud is committed by insiders or a combination of insiders and outsiders. This emphasizes the need for robust internal controls and background checks to deter and detect fraudulent activity.
6) Management makes up the largest portion of employees who commit fraud; 39% of fraud is committed by managers, leading to a median loss of $125,000. 37% of fraud is committed by employees, leading to a median loss of $50,000. Owners and executives make up only 23% of fraud cases, but cause $337,000 in median losses.
Source: Occupational Fraud 2022: A Report to the Nations | Association of Certified Fraud Examiners (ACFE)
Managers are the largest group committing fraud, causing significant median losses. This calls for increased scrutiny over managerial activities and implementing strong ethical codes within leadership.
7) Examples of time theft detected by monitoring software include absences from workstations (60%) and working a second job (52%).
Source: 60% of Employers Require Monitoring Software for WFH Workers, Digital.com
Monitoring software helps detect time theft activities like workstation absence and working a second job by capturing evidence of time theft such as extended breaks, excessive non-work web browning, and unreported absenteeism.
8) 76% of loss prevention professionals have indicated that cyber-related incidents have become more of a priority for their organization in the last 5 years. 53% of them have placed a greater priority on internal theft.
Source: 2021 Retail Security Survey | National Retail Federation
Loss prevention professionals prioritize both cyber threats and internal theft. This reflects the evolving security landscape where both external and internal threats require attention.
9) Large retailers apprehend 361 dishonest employees per year on average
Source: 2021 Retail Security Survey | National Retail Federation
Large retailers apprehend a substantial number of dishonest employees annually. This highlights the need for effective loss prevention strategies and employee training programs.
10) 75% of employees admit to stealing at least once from their employer
Source: California Restaurant Association
A surprising 75% of employees admit to stealing at least once. This statistic underscores the importance of preventative measures and a culture of honesty within organizations.
Case Study
Viking Yachts Stops an Employee From Stealing Their Intellectual Property
As Viking Yachts grew, their network administrator Vincent Pecoreno was responsible for supporting over 530 users and 1500 devices across multiple geographic locations, making visibility a challenge without the right tools in place.
Once equipped with CurrentWareโs user activity monitoring and data loss prevention solutions, Viking Yachts had the insights they needed to protect their sensitive data.
Read their case study to learn more about how Vincent used CurrentWare to detect a data theft attempt from a soon-to-be-ex-employee.
Employee Data Theft Statistics
| Statistic | Source | Year |
|---|---|---|
| Over a third (38%) of information security leaders admit that their company suffered a breach of intellectual property in the last 18 months | 2019 Data Exposure Report, Code42 | 2019 |
| 72% of information security leaders agree with the statement โItโs not just corporate data, itโs my work โand my ideas.โ | 2019 Data Exposure Report, Code42 | 2019 |
| 57% of information security leaders and 51% of business decision makers say that their colleagues have infiltrated data, which puts their current organization at risk of lawsuits and reputational damage. | Data Exposure Report 2019, Code42 | 2019 |
| 72% of departing employees have admitted to taking company data | Richard AgnewโYour Employees are Taking Your Data | Infosecurity Magazine | 2019 |
| 65% of information security leaders have admitted to taking intellectual property with them during a job change | 2019 Data Exposure Report, Code42 | 2019 |
| 63% of employees brought data from their previous employer to their current employer | 2019 Data Exposure Report, Code42 | 2019 |
| 70% of intellectual property theft occurs within the 90 days before an employeeโs resignation announcement. | Your Employees are Taking Your Data, Infosecurity Magazine | 2019 |
| Eight in ten (80%) cybersecurity leaders admit that departing employees take valuable IP with them when they leave. | Data Exposure Report 2024, Code42 | 2024 |
| An average of 55% of insider-driven data exposure, loss, leak, and theft events experienced in the last 12 months were intentional | Data Exposure Report 2024, Code42 | 2024 |
| 24 insider-driven data exposure, loss, leak, and theft events were experienced per month, on average | Data Exposure Report 2024, Code42 | 2024 |
| Insider-driven data exposure, loss, leak, and theft events can have vast financial repercussions, with cybersecurity leaders estimating that a single event would cost their company $15 million, on average | Data Exposure Report 2024, Code42 | 2024 |
| From 2021 to 2024 there was an increase of 28% in the average number of monthly insider-driven data exposure, loss, leak, and theft events | Data Exposure Report 2024, Code42 | 2024 |
| IT leaders believe 55% of insider-driven data exposure, loss, leak, and theft events from 2023-2024 were intentional | Data Exposure Report 2024, Code42 | 2024 |
| A survey of 100 security leaders revealed that 91% of respondents believe employees and contractors are likely to exfiltrate data from corporate systems via their mobile devices. | Insider Threat Report 2024, Code 42 | 2024 |
Employee Fraud & Embezzlement Statistics
| Statistic | Source | Year |
|---|---|---|
| Around 4 in 5 embezzlement cases involve multiple perpetrators: 1 in 5 embezzlement cases are perpetrated by a single individual. 46% of cases involve 3 or more actors. 885% of cases were perpetrated by someone at the manager level or above, and 20% involve C-suite executives. | 2018 Hiscox Embezzlement Study | 2018 |
| In 26% of embezzlement cases, the organization loses customers, spends more time discussing security, and adds more security requirements to protect against future losses | 2018 Hiscox Embezzlement Study | 2018 |
| Approximately 2 in 3 embezzlement schemes were discovered by a fellow employee | 2018 Hiscox Embezzlement Study | 2018 |
| American companies lost on average $1.13 million to employee theft in 2016 | 2018 Hiscox Embezzlement Study | 2018 |
| 85% of employees who committed fraud have displayed at least 1 red flag prior to the act | 2018 Hiscox Embezzlement Study | 2018 |
| The average embezzler has worked at their company for 8 years | 2018 Hiscox Embezzlement Study | 2018 |
| One-third of employee theft comes from employees within the accounting or finance department | 2018 Hiscox Embezzlement Study | 2018 |
| Charges are only brought in 45% of embezzlement cases, and of those cases, just over half (58%) resulted in conviction. | Risk Management Magazine | 2019 |
| 39% of businesses have experienced more than one case of employee embezzlement | Risk Management Magazine | 2019 |
| 47% of companies experienced fraud in the past 24 months | PwCโs Global Economic Crime and Fraud Survey 2020 | 2020 |
| 57% of fraud is committed by company insiders or a combination of insiders and outsiders | PwCโs Global Economic Crime and Fraud Survey 2020 | 2020 |
| Insiders are behind 43% of fraud cases with >$100 million in losses | PwCโs Global Economic Crime and Fraud Survey 2020 | 2020 |
| Almost half of companies donโt investigate their worst fraud incidents | PwCโs Global Economic Crime and Fraud Survey 2020 | 2020 |
| Companies lose an average of $1.7 million per employee fraud case | Occupational Fraud 2022: A Report to the Nations | Association of Certified Fraud Examiners (ACFE) | 2022 |
| Asset misappropriation is the most common type of employee theft, with 86% of all employee fraud cases involve some form of asset misappropriation | Occupational Fraud 2022: A Report to the Nations | Association of Certified Fraud Examiners (ACFE) | 2022 |
| 50% of employee fraud cases involve some degree of corruption. Invoice kickbacks, illegal gratuities, and purchasing schemes are all examples of corruption in action. | Occupational Fraud 2022: A Report to the Nations | Association of Certified Fraud Examiners (ACFE) | 2022 |
| Financial statement fraud makes up only 9% of casesโbut is the most financially damaging. The median loss from a financial statement fraud incident is $593,000, compared to $100,000 for asset misappropriation and $150,000 for corruption. | Occupational Fraud 2022: A Report to the Nations | Association of Certified Fraud Examiners (ACFE) | 2022 |
| Employee fraud schemes have a median duration of 1 year | Occupational Fraud 2022: A Report to the Nations | Association of Certified Fraud Examiners (ACFE) | 2022 |
| Creating fraudulent physical documents is the most common way for employees to conceal fraud, with 39% of fraudsters using this method. 32% altered physical documents, 28% created fraudulent electronic documents or files, 25% altered electronic documents or files, and 23% destroyed or withheld physical documents | Occupational Fraud 2022: A Report to the Nations | Association of Certified Fraud Examiners (ACFE) | 2022 |
| 8% of fraud schemes involve the use of cryptocurrency | Occupational Fraud 2022: A Report to the Nations | Association of Certified Fraud Examiners (ACFE) | 2022 |
| In fraud cases where cryptocurrency was involved, 48% used crypto to make bribes or kickback payments. 43% of offenders converted misappropriated assets into cryptocurrency. 35% used cryptocurrency as part of a money laundering scheme. | Occupational Fraud 2022: A Report to the Nations | Association of Certified Fraud Examiners (ACFE) | 2022 |
| Management makes up the largest portion of employees who commit fraud; 39% of fraud is committed by managers, leading to a median loss of $125,000. 37% of fraud is committed by employees, leading to a median loss of $50,000. Owners and executives make up only 23% of fraud cases, but cause $337,000 in median losses. | Occupational Fraud 2022: A Report to the Nations | Association of Certified Fraud Examiners (ACFE) | 2022 |
| Only 4% of perpetrators had a prior fraud conviction | Occupational Fraud 2022: A Report to the Nations | Association of Certified Fraud Examiners (ACFE) | 2022 |
| The industries with highest proportion of corruption cases are: Energy (53%), manufacturing (51%), and government/public administration (50%) | Occupational Fraud 2022: A Report to the Nations | Association of Certified Fraud Examiners (ACFE) | 2022 |
| frauds that last over 60 months are more than 20 times as costly as those that are caught in the first six months | Occupational Fraud 2022: A Report to the Nations | Association of Certified Fraud Examiners (ACFE) | 2022 |
| a typical fraud case causes a loss of $8,300 per month and lasts 12 months before detection | Occupational Fraud 2022: A Report to the Nations | Association of Certified Fraud Examiners (ACFE) | 2022 |
| Nearly half of all occupational frauds came from these four departments: Operations (15%), Accounting (12%), Sales (11%), Executive/upper management (11%) | Occupational Fraud 2022: A Report to the Nations | Association of Certified Fraud Examiners (ACFE) | 2022 |
| Of organizations that were victims of employee fraud, 52% of the organizations ran background checks, while 48% did not. Of the organizations that did run a check before hiring the perpetrator, 10% were alerted to a red flag regarding the perpetrator but chose to hire the person anyway | Report to the Nations: 2018 Global Study On Occupational Fraud And Abuse | Association of Certified Fraud Examiners (ACFE) | 2018 |
Insider Threat Statistics
| Statistic | Source | Year |
|---|---|---|
| one in three data breaches now involve insiders | Insider Threat Report 2024, Code 42 | 2024 |
| 69% of organizations say they were breached due to an insider threat and confirm they did have a prevention solution in place at the time of their breach. | 2019 Data Exposure Report, Code42 | 2019 |
| 86% of information security leaders know that employee behavior will always impact their ability to protect corporate data | 2019 Data Exposure Report, Code42 | 2019 |
| 74% of all breaches include the human element, with people being involved either via Error, Privilege Misuse, Use of stolen credentials or Social Engineering. | Verizon 2023 Data Breach Investigations Report | 2023 |
| While most companies (99%) have data protection solutions in place, these solutions are not mitigating data loss from insiders, as 78% of cybersecurity leaders admit theyโve still had sensitive data breached/leaked/exposed | Data Exposure Report 2024, Code42 | 2024 |
| Respondents believe senior management (81%) and board members (71%) pose the greatest risk to their companyโs data security, likely due to having wide-reaching access to the most sensitive data | Data Exposure Report 2024, Code42 | 2024 |
| 32% of organizations cite data leakage risks as a challenge they face in identifying, managing, and preventing insider attacks | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| 41% of companies state that user privacy is a major concern when monitoring insider threats | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| Only 2% of organizations do not monitor user behavior at all and are not currently planning to | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| 71% of respondents in a report from Cybersecurity Insiders stated that they do not have all the tools they need to be fully confident in their capabilities to handle insider threats. | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| 54% of respondents in a report from Cybersecurity Insiders consider their insider threat programs less than very effective | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| When asked โWhat do you think are the main drivers and enablers behind the increase in insider attacks?โ 37% said Insufficient employee training, 34% Global & Technological Complexity, 29% Inadequate Security Measures, 27% Complex IT Environment, and 25% said Disgruntled Insiders | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| 40% of respondents in a report from Cybersecurity Insiders reported that insider attacks have become more frequent in the last 12 months | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| 40% of respondents in a report from Cybersecurity Insiders observed an increase in the frequency of insider attacks over the last year, pointing to a dynamic threat landscape where internal risks are growing | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| 70% of respondents in a report from Cybersecurity Insiders express at least moderate concern about insider threats in the context of hybrid work | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| 66% of respondents in a report from Cybersecurity Insiders feel moderately to extremely vulnerable to insider attacks | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| 31% of respondents in a report from Cybersecurity Insiders believe that all company sensitive data is susceptible to insider attacks | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| The leading concern is information disclosure at 56%, underscoring the primacy of protecting sensitive data against mishandling. Unauthorized data operations comes in second at 48% (including data tampering and destruction), reflecting unease about the multitude of ways data can be misused. Credential and account abuse follows closely at 47% (such as credential sharing or unauthorized access), spotlighting the vulnerability that comes with improper credential management and the potential for significant damage via privilege escalation. Security evasion and bypass (45%), along with software and code manipulation (44%), are also major concerns, indicating apprehension about the ingenuity of insider threats in circumventing policy and security controls. | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| 74% of respondents in a report from Cybersecurity Insiders are most concerned with malicious insiders, such as those who intentionally steal data | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| 90% of respondents in a report from Cybersecurity Insiders find insider attacks equally or more challenging to detect than external cyber attacks | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| Only 29% of respondents in a report from Cybersecurity Insiders feel fully equipped with the right tools to protect against insider threats, indicating a significant gap in many organizationsโ security capabilities. | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| While 66% of organizations feel vulnerable to insider attacks, 41% of organizations have only partially implemented insider threat programs, pointing to a lack of comprehensive activity monitoring and advanced threat management | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| 75% of respondents in a report from Cybersecurity Insiders are concerned about the impact of emerging technologies like AI, the Metaverse, and Quantum Computing on insider threats, indicating worries about their misuse and the potential to amplify threat capabilities. | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| 70% of respondents in a report from Cybersecurity Insiders express concern about insider risks in hybrid work contexts, reflecting the challenges of securing distributed, less controlled environments. | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| Only 16% of organizations consider themselves extremely effective in handling insider threats | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| There has been a marked increase in concern for malicious insiders, rising from 60% in 2019 to 74% in 2024, | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| From 2019 to 2024, the number of organizations reporting insider attacks increased from 66% of organizations to 76%, indicating a substantial increase in detected insider threats | Insider Threat Report 2024, Cybersecurity Insiders | 2024 |
| Ninety percent of organizations feel vulnerable to insider attacks. The main enabling risk factors include too many users with excessive access privileges (37%), an increasing number of devices with access to sensitive data (36%), and the increasing complexity of information technology (35%). | Insider Threat Report 2018, Cybersecurity Insiders | 2018 |
Shoplifting And Retail Theft Statistics
| Statistic | Source | Year |
|---|---|---|
| The average dishonest retail employee costs their employer $1,551.66 | 2021 Retail Security Survey | National Retail Federation | 2021 |
| 76% of loss prevention professionals have indicated that cyber-related incidents have become more of a priority for their organization in the last 5 years. 53% of them have placed a greater priority on internal theft. | 2021 Retail Security Survey | National Retail Federation | 2021 |
| Overall, the average for employee apprehensions was down in 2020 (361.6 employees) compared with 2019 (560), but about on par with 2018 (322.6). Terminations were slightly lower in 2020 (527.3 employees) than 2019 (558.6) but maintained an overall sizeable increase since 2018 (335). Prosecutions were at the lowest point since 2015. | 2021 Retail Security Survey | National Retail Federation | 2021 |
| The average dollar loss per dishonest employee case was $1,551.66 in 2020, $1,139.32 in 2019 $1,264.10, in 2018 $1,203.16, in 2017 $1,922.80, in 2016, and $1,233.77 in 2015 | 2021 Retail Security Survey | National Retail Federation | 2021 |
| Large retailers apprehend 361 dishonest employees per year on average | 2021 Retail Security Survey | National Retail Federation | 2021 |
| The average shrink rate in FY 2022 increased to 1.6%, up from 1.4% in FY 2021 and in line with shrink rates seen in 2020 and 2019 | 2023 National Retail Security Survey | National Retail Federation | 2022 |
| 75% of employees admit to stealing at least once from their employer | California Restaurant Association | Unavailable |
Other Employee Theft Statistics
| Statistic | Source | Year |
|---|---|---|
| Examples of time theft detected by monitoring software include absences from workstations (60%) and working a second job (52%). | 60% of Employers Require Monitoring Software for WFH Workers, Digital.com | 2021 |
| 22% of small business owners have had their employees steal from them | Business.org | 2021 |
| 35% of small business owners have caught shoplifters on camera, while 42% have personally caught the employee shoplifting. | Business.org | 2021 |
| When asked what areas have increased in priority over the last five years, loss prevention professionals were most likely to point to mall and store-related violence alongside cyber incidents and organized retail crime | 2021 Retail Security Survey | National Retail Federation | 2021 |
Methods for Identifying and Mitigating Insider Theft
While no employer wants to think a member of their team is stealing, the United States Department of Justice estimates that up to 80% of employees will participate in fraudulent behavior if there are no preventive measures in place.
Studies show that despite being victimized, most businesses fail to implement protective measures against insider data theft. However, with the right policies and tools, you can significantly reduce or eliminate insider threats.
Fortunately, there are actionable steps that can be taken to identify potential insider threats before they can cause significant harm.
#1. Conduct Background Checks
52% of the organizations ran background checks, while 48% did not. Of the organizations that did run a check before hiring the perpetrator, 10% were alerted to a red flag regarding the perpetrator but chose to hire the person anyway
While thorough background checks may not be necessary for all positions, verifying the identity, history, and other important information about a potential employee is a valuable employee theft prevention tactic for positions where employees need to be trusted with sensitive information and other critical assets.
Background checks act as a shield against employee theft in a couple of key ways:
- Red Flag Detection: By looking into a candidateโs criminal history, you can identify past convictions for theft, fraud, or embezzlement. This gives you a strong reason to be cautious about hiring that person, especially for positions that involve access to money or valuables.
- Deterrence: The very act of conducting background checks sends a message to potential hires that your company takes honesty and security seriously. This will help to deter potential employees with a history of theft from applying for jobs at your company.
If you opt for background checks, inform your applicants that they are a prerequisite for employment and define the scope of your checks, such as whether or not you conduct national and local background searches and social security number traces.
To make background checks more cost effective, use a reputable agency and reserve background checks for applicants who have gone far enough in the hiring process to be considered a serious candidate.
NOTE: Before conducting background checks you must verify the correct processes with your legal counsel to ensure you are in compliance with any applicable laws and regulations. For example, if background checks are legal in your jurisdiction you will still likely be required to obtain written consent from the applicant before proceeding with the checks.
#2. Theft Prevention Policies & Procedures
Nearly 50% of recorded fraud cases stem from a lack of internal controls and/or the override of internal controls.
Have policies on hand that disclose surveillance and inspection practices that assist with insider threat detection. You should also have policies that clearly define the consequences of violating those policies, whether it be a performance improvement plan, immediate termination, or legal pursuits for restitution.
There are a variety of policies that help deter employee theft, such as:
- Data security & acceptable use policies: Clearly define how sensitive data and the systems that interact with them must be handled to ensure the confidentiality, integrity, and availability of that data.
- Cybersecurity audits: Proactive security audits help ensure that your organization is fulfilling its security responsibilities by identifying unmitigated vulnerabilities and defining your current security practices
- Employee surveillance policy: If you conduct any sort of employee monitoring such as installing security cameras or monitoring employee computer activity, you must disclose your monitoring practices in a workplace monitoring policy.
- Employee handbook: Your employee handbook should outline the companyโs policies on theft, including what constitutes theft, the disciplinary actions that will be taken for theft, and the companyโs procedures for investigating suspected theft.
- Cash handling procedures: Establish clear procedures for handling cash, such as requiring two employees to be present whenever cash is being counted or deposited.
- Inventory control procedures: Implement inventory control procedures to track inventory levels and identify any discrepancies.
- Purchase order approvals: Require purchase orders to be approved by a supervisor before they can be placed.
- Expense report approvals: Require expense reports to be approved by a supervisor before they can be reimbursed.
- Disciplinary action for theft: Have a clear policy in place for disciplining employees who are caught stealing, which may include termination of employment.
- Anonymous reporting hotline: Approximately 2 in 3 embezzlement schemes in 2018 were discovered by a fellow employee. Providing an anonymous reporting hotline for employees to report suspected theft is a valuable tool that employees can use to report insider theft without fear of retaliation.
#3. Install Security Equipment & Insider Threat Detection Software
Install cameras not only in high customer traffic areas but also in areas employees frequently pass and where there may be unsecured cash or valuable items. Privacy laws may prevent recording inside break rooms, but in most jurisdictions you are free to monitor halls, back doors, stock rooms, dumpster areas, and janitorial areas.
Regularly inspect parking lots and secluded locations for anything out of the ordinary, like anomalous parked cars or damaged equipment.
Unfortunately, security cameras may be insufficient in deterring insider data theft as the breach may appear like a normal working day from the perspective of a camera.
As part of your workplace surveillance strategy you also need to have insider threat detection software in place that will detect and block high-risk activities such as attempts to use unsanctioned cloud storage services, uploading/downloading sensitive files, and inserting personal USB storage devices into computer systems with access to sensitive information.
#4. Perform Regular Security Audits
Internal audits are essential for ensuring that your organization is fulfilling its security responsibilities. According to the team at backgroundcheckrepair.org, management staff is responsible for 39% of insider theft, while owners and executives have accounted for 23% of all theft instances.
Your audits will help you verify that you have adequate security controls to combat a variety of threat vectors, including:
- Social engineering attacks
- Credential theft
- Physical security measures
- Inventory management and asset tracking protocols
- Unmitigated physical and digital vulnerabilities
- Overprivileged data access
- Misconfigurations of software, system security policies, etc
- Ineffective or poorly enforced employee training
- A lack of insider threat detection capabilities
What elements you include in your security audit will depend on the assets youโre responsible for protecting, the resources you have available, and regulatory compliance requirements.
#5. Look For Employee Red Flags
As a part of your insider theft prevention strategy you will need to be on the lookout for motivators and indicators on an insider threat such as workplace grievances, financial difficulties, an abnormal interest in taking on responsibilities above their security clearance, and arriving early and staying late without a clear need to do so.
By being aware of these red flags and having a plan in place, businesses can take steps to mitigate the risk of insider threats.
Behavioral Red Flags:
- Disgruntled Employees: Employees who are facing disciplinary action, layoffs, or other negative situations might be more likely to become insider threats. Watch for sudden changes in attitude, increased negativity, or expressions of revenge.
- Financial Problems: Employees experiencing unexpected financial strain could be tempted to steal or sell company information for personal gain.
- Isolation or Secrecy: Employees who become unusually withdrawn or secretive, particularly around company data or access points, could be a cause for concern.
- Sudden Schedule Changes: Employees requesting unusual schedule changes, especially increased access outside of regular work hours, might be trying to avoid detection while stealing data.
Access and Data Red Flags:
- Excessive Data Downloads: Employees downloading large amounts of sensitive data, especially to personal devices or external storage, could be a sign of potential theft.
- Frequent Accessing Unauthorized Data: Employees regularly accessing data outside their designated permissions or need-to-know basis might be looking for information to exploit.
- Bypassing Security Protocols: Employees attempting to bypass security measures like firewalls or password restrictions could be indicative of malicious intent.
- Sharing Confidential Information: Employees discussing confidential information outside of authorized channels, like unsecured networks or with unauthorized individuals, is a red flag.
Itโs important to remember that these red flags donโt necessarily mean an employee is a definite threat. However, if you notice any of these behaviors, itโs crucial to investigate further and consider reporting them to your organizationโs security team.
What To Do If You Uncover Employee Theft
Uncovering employee theft can be a stressful situation. Hereโs a roadmap to navigate it effectively:
- Secure Evidence: The first priority is to solidify your case. Gather any concrete evidence that proves the theft. This could include witness statements, security footage, financial records, or internal system logs.
- Involve Management: Donโt confront the employee yourself. Bring the matter to the attention of your supervisor or HR department. They are trained professionals who can handle the situation with more experience and objectivity.
- Employee Investigation: HR will likely conduct a formal investigation to gather all the facts. This may involve interviewing the employee and allowing them to explain their actions.
- Legal Considerations: Depending on the severity of the theft, legal action might be necessary. Consulting with a lawyer can help determine the best course of action, whether itโs involving law enforcement or pursuing civil remedies.
- Disciplinary Action: Following the investigation, appropriate disciplinary action will be taken against the employee. This could range from a warning to termination, depending on the severity of the theft and the employeeโs record.
- Preventative Measures: Use this incident as an opportunity to review and strengthen your internal controls to prevent future thefts. This could involve areas like access control, cash handling procedures, or inventory management.
Here are some additional tips:
- Maintain Confidentiality: Throughout the process, maintain confidentiality to avoid unnecessary rumors or accusations within the company.
- Documentation: Document everything throughout the process, including the date the theft was discovered, the evidence gathered, and the actions taken.
Remember, the most important thing is to handle the situation calmly, collect evidence, and involve the appropriate people to ensure a fair and legal resolution.
Learn More: Steps When Dealing with Employee Theft
Frequently Asked Questions About Employee Theft
How common is employee time theft?
- In 2011 the American Society of Employers estimated that 20% of every dollar earned by a U.S. company is lost to time theft at work.
- The American Payroll Association reported in 2017 that buddy punching costs employers $373 million annually.
- A 2017 survey conducted by PollFish found that 16% of US workers aged 18+ admitted to participating in buddy punching and time clock fraud.
- The International Data Corporation estimates that 30 to 40 percent of employee internet activity is non-work-related. This misuse of the internet in the workplace is costing US businesses $63 billion in lost productivity each year, according to Websense Inc.
What are the types of employee theft? What is the most common form of employee theft?
Employee theft is when an employee steals from the employer, but it includes more than just stealing cash or office items. Misuse of company assets without permission or stealing sensitive information are also instances of employee theft.
Hereโs a breakdown of the most common types:
Theft of Physical Assets:
- Merchandise Theft: Employees stealing company products for personal use or resale is a frequent issue, especially in retail environments.
- Cash Theft: This involves stealing cash from registers, safes, or petty cash drawers. Techniques include skimming (taking cash without recording the sale), under-ringing (charging a customer less than the actual price), or shortchanging (giving a customer less change than due).
- Inventory Theft: Employees stealing from stockrooms or warehouses can significantly impact a companyโs bottom line.
Theft of Intangible Assets:
- Data Theft: This involves stealing or copying sensitive company data like trade secrets, customer information, or financial records. This can be done electronically or through physical means like stealing documents.
- Time Theft: Employees who misuse company time for personal errands, browse the internet excessively, or take extended breaks are essentially stealing paid time.
- Fraudulent Schemes: This involves employees manipulating company records or processes for personal gain. Examples include expense report padding or payroll timesheet falsification.
Most Common Form of Employee Theft:
While statistics can vary depending on the industry, time theft is generally considered the most prevalent form of employee theft. This is because itโs often easier to conceal compared to stealing physical assets or data. Studies suggest a significant portion of employee hours might be lost due to time theft activities.
However, itโs important to remember that the impact of different theft types can vary. Data theft, for instance, might not involve stealing a physical item but can have severe consequences for a companyโs security and reputation.
By understanding these different forms of employee theft, businesses can implement preventative measures to mitigate losses and protect their assets.
What percentage of loss is attributed to employee theft? (what percentage of shrink is caused by employees?)
The percentage of loss attributed to employee theft can vary significantly depending on the industry, the size of the company, and various other factors. However, studies have shown that employee theft can account for a substantial portion of overall business losses.
According to the National Retail Federationโs 2023 National Retail Security Survey, the average shrink rate in FY 2022 increased to 1.6%, up from 1.4% in FY 2021 and in line with shrink rates seen in 2020 and 2019.
Itโs important to note that these figures can vary from year to year and across different sectors. Additionally, not all instances of employee theft may be detected or reported, so the actual percentage of loss attributed to this issue could be higher than what is officially recorded.
Conclusion
These employee theft statistics paint a concerning picture, but knowledge is power. By understanding the different types of employee theft and the potential red flags, you can take proactive steps to safeguard your business.
Implement preventative measures like clear policies, access controls, and employee training programs. Remember, a vigilant and secure work environment can deter potential theft and protect your companyโs valuable assets.
