All insights
cybersecurityCybersecurityData ProtectionInsider Threat

5,600 Documents Out the Door: What the NSW Treasury Breach Teaches Every Small Business About Insider Risk

SW
Shaun Wong
4 min read

In April, a NSW Treasury staff member allegedly accessed and transferred more than 5,600 sensitive government documents to an external server. The material spanned multiple departments and included confidential commercial and financial information. Police set up a dedicated strike force to investigate, and the story made headlines across the country.

It is easy to read that as a "big government" problem with no bearing on a small business in Perth. We would gently push back on that. The uncomfortable truth is that a large share of data breaches do not come from shadowy hackers overseas. They come from inside, whether through a disgruntled employee, a careless mistake, or someone walking out the door with files on the way to a competitor. Small businesses are arguably more exposed, because they rarely have the controls that would catch it.

A clear explainer on insider threats and how they happen.

What "insider risk" really means

Insider risk is not just the dramatic case of a rogue employee stealing data on purpose. It covers three broad situations. The first is the malicious insider: someone who deliberately takes information, often on their way out or to settle a grievance. The second is the negligent insider: a well-meaning staff member who emails a client list to their personal account to "work from home", or saves sensitive files to an unsecured USB. The third is the compromised insider: a legitimate account that an attacker has taken over, so the activity looks like normal staff behaviour.

For a small business, the second category is by far the most common. Most data leaks we see locally are not sabotage. They are ordinary people taking shortcuts because the proper way was too clunky, or because nobody ever told them where the line was.

Why small businesses are surprisingly exposed

In a big organisation, sensitive systems usually have layers of access control, logging, and oversight. In a small business, it is common for everyone to have access to everything. The bookkeeper can see the client database, the casual can open the shared drive, and the old laptop in the cupboard still has a logged-in account from a staff member who left two years ago.

That openness feels efficient, and in a tight-knit team it can be. The problem is that it means any single person, or any single compromised login, can reach your most valuable information. When someone leaves on bad terms, or a laptop goes missing, you have no easy way to know what they could touch or what they took.

The practical steps that actually help

You do not need a corporate security department to dramatically reduce insider risk. A handful of habits do most of the work.

Start with least privilege, which is a fancy way of saying people should only have access to what they actually need for their job. Your casual front-of-house staff member almost certainly does not need the full financial records. Reviewing who can reach what, and trimming it back, is the single highest-value thing you can do.

Get your offboarding tight. The day someone leaves, their accounts should be disabled, their access to email and shared drives revoked, and any company devices collected and wiped. Keep a simple checklist so it happens every time, not just when you remember.

Turn on activity logging where your tools allow it. Microsoft 365 and Google Workspace both keep records of who accessed and downloaded what. You may never need it, but if something goes wrong, that trail is the difference between knowing what happened and guessing.

Finally, talk to your team about it plainly. Most negligent leaks happen because nobody explained the rules. A five-minute conversation about not emailing files to personal accounts, and why, prevents a surprising amount of trouble.

Turning a headline into an action

The NSW Treasury case is a reminder that your data is only as safe as the people and accounts that can reach it. You can have the best firewall in the world and still lose everything to one logged-in laptop or one careless habit.

Take ten minutes this week and ask yourself three questions. Who in my business can access our most sensitive information? What happens to someone's access the day they leave? Would I even know if a large batch of files was copied or emailed out? If those questions make you uneasy, you are exactly the kind of business that benefits from tightening things up before something goes wrong rather than after. We help Perth businesses do precisely that, without turning the office into a fortress.

Trending Now

Explore our latest insights, expert advice, and breaking tech news. Stay informed and ahead of the curve!

general-it

Microsoft Build 2026: AI Is No Longer Just for Copilot+ PCs (Your Existing Computers Count Now)

Microsoft confirmed at Build 2026 that AI features are expanding beyond pricey Copilot+ hardware to ordinary Windows PCs. Good news if you don't want to replace your fleet, and here's what you can use today.

ai-automation

Google I/O 2026: Gemini's Agentic Era and What It Actually Changes for Small Business

Google launched its latest Gemini models at I/O 2026 and pushed AI that does tasks for you across Search, Gmail, and Workspace. We separate the genuinely useful from the demo-ware for a Perth business.

industry-business

OpenAI Files to Go Public: What the ChatGPT Super App Means for the Tools You Use

OpenAI filed for a public listing and is merging ChatGPT, Codex, and its Atlas browser into one super app, with the best features moving behind paywalls. Here's what's likely to start costing money and how to plan for it.

We make tech simple, contact us for expert assistance!

Need tech support, repairs, or a new website? Tech Hero is here to help. Fill out the form and get personalized support from experts you can trust.

I have read, understand, and agree to thePrivacy PolicyandTerms of Service
I agree to receive occasional updates or important information about Tech Hero's services.