Last week, it was reported that a man is being questioned by Greater Manchester Police for his alleged involvement in hacking Manchester City manager Pep Guardiola’s emails. A contractor employed by the club through an IT firm two years ago, he has claimed that the hack was “the easiest thing I’ve ever had to do”.
The IT worker claimed to have accessed Guardiola’s account from his mobile and downloaded personal emails, confidential transfer exchanges and his entire contacts book. He also allegedly trying to sell the emails for £100,000. Manchester City had terminated the services of the consultant and the company he was contracted to two years ago, but the story is breaking now.
Insider risk is real. We have previously uncovered insider fraud at a financial services firm, with a rogue IT worker attempting to sell client data on the dark web. Our findings were reported to Greater Manchester Police. Whilst we don’t know all the details of this rogue IT worker, it brings into light the importance of employee screening that harnesses online due diligence.
Oftentimes we find potential risks relating to employees through their online behaviour. The likelihood is that if the rogue IT worker is bragging in real life, his behaviour will be mimicked online, perhaps even through multiple aliases. Online reputation screening would have potentially flagged this behaviour sooner.
We hope that this doesn’t happen again and that it has triggered proactive measures by Manchester City and the IT firm to use online reputation screening. If so, it should be carried out to the Personnel Online Screening Standard (POSS) as laid out by the Association for Online Due Diligence (AFODD).
Get in touch today to strengthen your employee screening processes and protect your firm’s reputation.