Wow…it’s a busy week for data security incidents! The Aetna laptop I just mentioned… earlier this week the hack at the University of Texas at Austin involving a database with info on 197,000 people, etc…
Remember last year around this time when Iron Mountain had several incidents where they lost data for their customers? Well, spring is no kinder to them this year…they’ve lost more data on around 17,000 people, as reported by the AP:
"(AP) NEW YORK The Long Island Rail Road says it has lost personal information — names, addresses, Social Security numbers and salary figures — of virtually everyone who has ever worked for the railroad. Iron Mountain, Incorporated — a Boston company — employed by the railroad to warehouse and secure information at an undisclosed storage site discovered the loss on April 6. During a routine delivery between LIRR headquarters in Jamaica and the storage site — an Iron Mountain driver noticed that at least one unmarked box was missing. The LIRR said MTA Police and the NYPD were immediately notified.
On Monday, the railroad mailed a letter from LIRR President James Dermody to approximately 17,000 current and former employees, notifying them about the lost information. The LIRR has about 6,000 current employees. Newsday reports that the letter said the information on the computer discs was formatted in a way that is very difficult to access without specialized skills, specific software and sophisticated computer equipment. The LIRR agreed to provide anyone at risk with a free one-year enrollment with a credit check and identity theft monitoring service. The railroad has also set up a Web site and telephone hotline for employees with questions about the missing data."
It is always interesting to see when incidents involving data that is not encrypted is downplayed by the organization saying the data is "very difficult to access without specialized skills…"
Gee, how many folks have IT experience, specialized IT skills, and sophisticated computers? Hmm…
Technorati Tags
lost backups
privacy
encrypt
personal information
Iron Mountain
security incident
social security numbers