Options

800,000 stolen social security numbers: a 22-year-old scape?

Comments

  • Options
    KGhaleonKGhaleon Member Posts: 1,346 ■■■■□□□□□□
    Wow, that's pretty bad. I blame the company for allowing such a thing to take place.

    KG
    Present goals: MCAS, MCSA, 70-680
  • Options
    homerj742homerj742 Member Posts: 251
    KGhaleon wrote:
    Wow, that's pretty bad. I blame the company for allowing such a thing to take place.

    KG

    You don't think letting an intern take the company's unencrypted tapes home is secure?

    I don't know what's safer for the tapes, living them in his car, or on top of his tv when he remembered to bring them inside. lol
  • Options
    JDMurrayJDMurray Admin Posts: 13,052 Admin
    homerj742 wrote:
    I don't know what's safer for the tapes, living them in his car, or on top of his tv when he remembered to bring them inside. lol
    The tapes were probably partially degaussed by the TV, so they may be unreadable.
  • Options
    sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    Let's see...

    An intern reports to an intern, who reports to a $125/hour contactor consultant, who reports to a $200/hour contractor consultant...

    I wonder what else is going on RIGHT NOW that is putting Ohio tax payers data at risk. This is probably just the tip of the iceberg.
    All things are possible, only believe.
  • Options
    keatronkeatron Member Posts: 1,213 ■■■■■■□□□□
    That's a common mistake consultants make (sometimes it's intentional). You must make the entity aware (awareness training), of the risks associated with things such as losing any data (risk assessment). Consultants should be vehicles that bring value the process, and operations of securing information. They should enhance this concept, and NEVER be the final decision maker.
  • Options
    seuss_ssuesseuss_ssues Member Posts: 629
    1. First off who gives interns responsibility for backup tapes?
    2. I highly doubt the person who "broke into 5 cars" has a tape reader on his computer.
    3. If they did have a tape reader there is no indication that they have any intentions of using the information.
    4. Shouldn't the data be encrypted?
  • Options
    sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    1. First off who gives interns responsibility for backup tapes?
    In Ohio, apparently other interns. icon_lol.gif
    2. I highly doubt the person who "broke into 5 cars" has a tape reader on his computer.
    He probably tried pawning the tape, not even knowing what it was. If the pawn shop owner recognized the possible value, even if only for sale on ebay, the data could still be at risk.
    3. If they did have a tape reader there is no indication that they have any intentions of using the information.
    Identity theft is a huge industry with ties to organized crime. If the 2-bit punk(s) pawned the tape to a pawn shop owner... see my note above.
    4. Shouldn't the data be encrypted?
    Of course. This was just one of the dozens of mistakes made in this incident.
    All things are possible, only believe.
  • Options
    empc4000xlempc4000xl Member Posts: 322
    Off site storage shoulda been something like a safe depost box or a some type of place that stores items. Things like these should never be in a persons home.
  • Options
    shednikshednik Member Posts: 2,005
    icon_eek.gificon_eek.gif WOW is all i have to say...
  • Options
    garv221garv221 Member Posts: 1,914
    Thats what happens when an IT department becomes relaxed.

    Anyone have a contact number for this department? I would love to hire on as the $200/hr guy.
  • Options
    JDMurrayJDMurray Admin Posts: 13,052 Admin
    I hope they're planning on using something stronger this time than rot13.

    icon_lol.gif
  • Options
    SchluepSchluep Member Posts: 346
    JDMurray wrote:
    I hope they're planning on using something stronger this time than rot13.

    I hope they don't think some encryption software being installed all over the place is going to keep all of their data safe so they can leave it lying around in vehicles.
  • Options
    homerj742homerj742 Member Posts: 251
    Schluep wrote:
    JDMurray wrote:
    I hope they're planning on using something stronger this time than rot13.

    I hope they don't think some encryption software being installed all over the place is going to keep all of their data safe so they can leave it lying around in vehicles.

    Yeah, they're probably better off leaving it on top of the TV in the interns apartment.
  • Options
    SchluepSchluep Member Posts: 346
    Ressurecting this thread to post about yet another vanishing tape containing 150,000 Social Security Numbers and Credit Card information for 650,000 people with accounts at retailers such as JC Penny:

    http://hosted.ap.org/dynamic/stories/P/PENNEY_DATA_BREACH?SITE=CTDAN&SECTION=HOME&TEMPLATE=DEFAULT

    In the past few months most of the data breach stories have been primarily related to back-up media that goes missing. Clearly those with malicious intent have learned something from reading the stories, but the people responsible for properly securing and transporting such data have not.
Sign In or Register to comment.