It was reported December 15 that Boeing had the 3rd laptop stolen in just a little over a year.
The laptop was stolen from an employee’s car. PII included “names, home addresses, phone numbers, Social Security numbers and dates of birth for current and former Boeing employees.”
Posts Tagged ‘data protection’
Stolen Laptop: 3rd Theft from Boeing Since November 2005; Clear Text PII of 382,000 On the Latest
Sunday, December 17th, 2006Penalty Applied for Laptop Theft: More Significant Penalties Are Needed to Motivate Better Safeguards
Thursday, December 14th, 2006The Boston Globe reported Tuesday that “Ameriprise Financial Services Inc. will pay $25,000 to settle a probe of how one of its laptop computers went missing with the personal data of thousands of Massachusetts residents.”
An Ameriprise Financial Services laptop was stolen in 2005 that contained clear text personally identifiable information (PII) about over 200,000 individuals.
Example of Need to Validate Business Partner Security: State of Vermont Privacy Breach Resulting from Contractor
Wednesday, December 13th, 2006An incident recently occurred where a contractor for the State of Vermont accidentally posted the Social Security numbers for hundreds of healthcare workers within Vermont. The data existed on the web site for approximately one month before it was removed.
This demonstrates one of the multiple reasons why organizations must ensure the acceptable security practices of the business partners to whom they entrust sensitive information.
PII About 800,000 Individuals Compromised at UCLA
Tuesday, December 12th, 2006Today CNN reported personally identifiable information (PII), Social Security numbers, home addresses and birth dates, about 800,000 current and former UCLA students, faculty and staff may have been compromised.
Surprisingly, the unauthorized access reportedly was occurring from October, 2005 through November 21 of this year when the security staff finally noticed suspicious activity.
Six U.S. Bills Related To Data Protection Introduced Dec. 5 – 7
Monday, December 11th, 2006Last week was a busy one for data protection bills for the end of the 109th U.S. Congress. Prior to adjourning, they introduced at least six bills related to data protection.
How Encryption Supports Compliance
Sunday, April 30th, 2006In this episode I discuss how encryption supports compliance as well as effectively protects personal information. Encryption is an under-utilized security tool. Considering the infinite number of today’s risks, threats and vulnerabilities, encryption can effectively keep unauthorized individuals and systems from accessing sensitive information and thwart many types of attacks. In today’s business environment with sensitive information being stored in multiple locations, many of them mobile, encrypting information is an effective privacy safeguard organizations can add to their arsenal of safeguard tools. I also discuss incidents that occurred and how the laws, regulations, and regulatory bodies encourage the use of encryption.
How to Effectively Address Privacy in Business
Sunday, March 26th, 2006In this episode I briefly discuss the current privacy concerns and business activities regarding the safeguarding of personal information and the types of impact incidents have upon business; the challenges associated with protecting personal information (both consumer and employee), and ways to address these challenges to avoid ending up in the newspaper as the next privacy incident headline; and the need to address privacy issues within business processes, not only to meet regulatory requirements but also to demonstrate due diligence, support business goals and build business value.
