Panama Papers fall-out will impact every business

Posted 19/04/2016 By: James Tarling

Media reporting on the so-called Panama Papers has focused on the tax affairs of wealthy individuals and international organisations, but the hacking of client files at Panamanian law firm Mossack Fonseca has implications for every business.

The largest leak in history, with some 2.6 terabytes of data involved, the shockwaves of the Panama incident have been felt around the globe, and the hacking is a wake-up call to companies that don’t already treat their cyber-security with the same stringency as their legal, regulatory, financial or operational risks.

“This was a major world-wide incident, involving many high profile individuals and global organisations, but the lesson is one that any business should relate to, however small they may be,” said data protection specialist and partner James Tarling.

“Protecting company data from attack is not just about keeping client data safe, it’s just as much about protecting your reputation, your employees and your future competitive edge, as well as keeping inside the law.Even strong IT systems can be circumvented with simply human errors..”

Last year a UK manufacturing company had design blueprints stolen and shared with a competitor.They launched an investigation when the competitor released equipment which was extremely similar to their own, and established that they had been subject to a targeted cyber-attack, and that the stolen blueprints had been sold to Chinese-owned companies.The infiltration was achieved when hackers targeted a job-seeking chief design engineer, who unwittingly downloaded malware through an email, after responding to a fake online recruitment profile designed specifically to trap him.

Morrisons supermarket is being sued under a group litigation order involving more than 5000 of its employees, after personal and financial details were posted online by a disgruntled ex-employee.

“It’s a really big issue for every business, large or small,” adds James.“Electronic data is a hugely valuable commodity when it falls into the wrong hands, so business leaders must make it a top priority.”

Compliance is a two-step process of implementing adequate systems and ensuring correct use of time.A key element of any compliance strategy is informing and training staff not least because misuse of personal data can be a criminal offence committed by an individual employee. A former LV= employee was this month found guilty of a criminal offence after trying to buy customer data from an ex-employee via WhatsApp.

The law is being strengthened at the moment through the forthcoming implementation of the EU Data Protection Regulations.

James can advise you business on compliance with these rules, often helping businesses create new policies and undertaking regular training of staff on compliance. James can also provide guidance on managing any data breaches.