Is Sage accounting properly?
Sage said today on their web site:
“We believe there has been some unauthorised access using an internal login to the data of a small number of our UK customers so we are working closely with the authorities to investigate the situation.”
This is a very vague statement and gives no real indication of the size of the breach. Should you be concerned? How economically are Sage accounting for the truth?
So when is a “small number of users” really a small number? Is ;less than ten small? Probably we all agree yes, Less than a hundred? May be, more than a hundred? I suspect most people would think that more than a hundred probably isn’t “small” and several hundred not small. Now if each of these (reportedly 280) customer accounts that have been compromised contains details of 50 – 500 employees, let’s guess 200? Then the actual number of bank account details may be in the region of 280 (company accounts) for 200 each employees.
Is possibly in excess of half a million bank details, dates of birth, addresses, NI numbers etc. a small number?