The numbers are shocking: An investment of just Rs. 2.35 lakh led to a loss of Rs. 1,200 crore. This is not a movie plot, but the reality of insider threats in Corporate India in 2025. One of the most alarming examples happened in Brazil recently, where an IT employee handed over his work credentials to criminals in exchange for a small sum. That simple act led to one of the biggest digital robberies in history. This isn’t just Brazil’s problem—insider threats in Corporate India are now a very real concern.
The Threat from Inside
As more businesses adopt digital systems, cloud services, and remote work tools, they often give important access to a few trusted employees. Unfortunately, if even one of them turns rogue or gets manipulated, they can bring down the entire business.
A recent Indian example is the KiranaPro case. A former employee reportedly shut down the startup’s operations by deleting its servers. The company had raised significant funding and built a promising business, but someone on the inside undid all that progress.
The Brazilian Heist: A Real-Life Crime Story
In Brazil, the case was no less dramatic than a film. Someone reportedly approached João Nazareno Roque, an IT worker, outside a bar and offered him R$5,000 in exchange for his work credentials. Soon after, a team of unknown criminals used those details to carry out a massive theft between 4 a.m. and 7 a.m. on June 30. The attack impacted six banks through a single software provider that connected them to the central banking system. This allowed the criminals to access several institutions at once—like having a master key that opens many doors.
Roque said he never met the attackers again but kept in touch with them through phone calls. He even helped them write special software to carry out the attack.
India Is Equally Vulnerable
With India’s fast-paced digital growth, similar risks are everywhere. Fintech firms, crypto exchanges, and even startups handle sensitive data and money. Past breaches at companies like Paytm and other firms highlight how serious this issue is becoming.
What Can Be Done?
- Add Extra Layers of Control
Companies should not rely on just one person to access sensitive systems. Instead, they should require two or more people to approve actions like fund transfers or data access—like how bank lockers work. - Use Behaviour Monitoring
If an employee starts accessing unusual systems or working at odd hours, automated alerts should notify security teams. For example, if someone logs in at 4 a.m. even though they normally work during the day, that’s a red flag. - Better Screening and Support for Employees
Sometimes, people turn against their companies due to personal stress or dissatisfaction. HR teams must work closely with security teams to watch for warning signs. - Revoke Access Immediately
If an employee resigns or is suspected of bad behavior, all their system access must be disabled right away. This includes passwords, access cards, mobile tokens, and even cloud accounts. - Limit Where and How Data Can Be Accessed
Companies should allow access to important data only from specific places, networks, or IP addresses. They should also use tools that monitor and control access to servers. - Prepare for Internal Attacks
Many companies focus only on outside threats, but they also need a clear plan for dealing with insider incidents. This means knowing how to quickly identify the threat, shut it down, and limit the damage.
Final Thoughts
Human mistakes—or bad decisions—can be the weakest link in any system. And when one person with access can cause losses of over Rs. 1,200 crore, prevention becomes the best investment. Indian companies must wake up to this reality and take insider threats seriously before it’s too late.
