Rogue Email Costs Swiss Bank Millions

Human error is being blamed after a banker accidentally leaked the details of General Motors’ upcoming flotation in an email.

The banker at Swiss bank UBS is thought to have accidentally send out the rogue email to more than 100 people.

According to the Daily Telegraph, the mistake led to UBS being dropped as an underwriter to the car maker.

Just Push Send

The alleged leak apparently also included details of GM’s listing price.  The incident was revealed in papers filed by GM at America’s Securities & Exchange Commission.

The filing, which said the email did “not reflect GM’s views”, reportedly said that investors who buy GM stock could seek refunds or damages because of the leak if UBS remained an underwriter on the deal.

General Motors is partly owned by the US Government. GM had been facing imminent bankruptcy and liquidation in 2009, following poor sales due to the global recession which began September 2008. This resulted in the US government stepping in with a “bridging loan” which bailed out the huge motor group.

According to the Telegraph, GM’s owners are planning to sell about $10 billion (£6.2 billion) in common stock on 18 November in order to pay back some of the $50 billion (£31 billion) bail-out the company received during the financial crisis.

Human Error

The news that a rogue email had cost UBS bank millions of dollars in fees drew a quick response from Cyber-Ark, an information security expert that specialises in privileged identity management (PIM).

“This is a perfect demonstration of how a data breach as a result of human error can not only damage a company’s brand, but also lead to significant financial losses,” said Mark Fullbrook, director UK and Ireland at Cyber-Ark.

“I have no doubt that the banker who sent the email in question will be feeling pretty red-faced now, but let’s be honest, who hasn’t sent the wrong email to the wrong person by accident?” he added.

“The real issue here is the considerable failure of UBS’ existing data transfer policies,” said Fullbrook. “When dealing with such sensitive information, it is vital that organisations take this responsibility seriously and put processes – and technologies – in place to ensure the continuous protection of that information, without impacting the everyday tasks of employees.”

Fullbrook said that because such sensitive data moves around so freely, banks and the like must protect this information by deploying a policy-driven file transfer system.

“Without such measures, organisations leave themselves open to the costly and embarrassing consequences of a data breach – as UBS has unfortunately learned,” said Fullbrook.

Last year, Cyber-Ark conducted a survey which revealed that more than two in five office workers had admitted to taking sensitive data with them to a new employer when they leave a job. And 26 percent said they would pass on company information to get friends or family members a job.