Amid high turnover, workers are stealing source code from their companies at 3 times the rate they were taking it last year

• Workers are taking sensitive data from their companies increasingly often, a Code42 report says.
• The report says source code exposure has jumped threefold over preceding quarters.
• Code42 says high turnover is a factor as workers take patent applications, customer lists, and more.
• See more stories on Insider's business page.

When workers walk away from their jobs, they're not just taking their last paycheck with them. They're increasingly bringing home sensitive company data, a new report finds.

Cybersecurity software company Code42 found that there was a 40% increase in "data exposure events" between the first half of 2020 and the first half of 2021. It also concluded that, within the first half of this year, there was a 61% jump in data exposure events quarter-over-quarter. Code42's findings were previously reported by the Financial Times.

Code42 analyzed anonymized data from more than 700,000 company devices from the first half of this year. The analysis examined insider risk, or the security risk that an organization faces from within, such as from its own employees.

The analysis teased out "a direct correlation between resignations, departing employees, and exposure events," the company said in a blog post. The Great Resignation is partly to blame. The number of Americans quitting their jobs hit a record 4 million in April and has remained elevated ever since. The resulting high turnover is a big factor in data exposure events.

"Data exposure peaked at the same time the US experienced a massive shift in employment," Code42 wrote in its post.

Read more: A Microsoft study shows that stress is causing workers to make mistakes that leave their companies' data vulnerable, but confronting them can make things worse

The company says the portability of data was another factor in the growing frequency of data exposure events. Removable media, primarily USB drives, was the most commonly used means of stealing company data. Google Chrome also was frequently used to take company information: It accounted for 52% of all application exposure that wasn't tied to removable media or a cloud sync agent.

Employees walked away with sensitive company information like source code, customer lists, and patent applications. Source code exposure in particular increased threefold over preceding quarters, Code42 found.

Nearly half of all of the source code exposure in the past calendar year came from Q2 2021, which began in April, the month in which quit rates reached their highest point in 20 years.

Code42 says the prevalence of hybrid work is another reason for the increase in workers stealing company data.