While external data breaches involving household brand names such as TJX tend to grab more headlines, insider data thefts are emerging as compliance and reputational risks for organizations. Recent studies suggest that over 60 per cent of data breaches originate from an internal source or event. One reason for this is that in today's data-rich environment organizations continue to struggle with the 'human element' at the heart of data security. It can be extremely difficult to balance the protection of sensitive data with granting access to employees who need it to complete their daily job requirements. To that end, organizations have implemented several new security measures including employee education programs, data access monitoring, and strict policies regarding USB ports and portable devices. Although these are steps in a positive direction, little has been done to study and understand how the data is exploited once it leaves an organization.