Forwarded from: Dennis Kezer <Dennis@private> Based on what is in this story there was absolutely no technical protection on these tapes and anyone with the correct drive should be able to mount them and capture the data. A corporation of this size should be using a backup application that can provide at least rudimentary security. -----Original Message----- From: InfoSec News <isn@private> Sent: Monday, February 28, 2005 5:37 AM To: isn@private Subject: [ISN] Bank loses credit-card info of 1.2M federal workers http://www.computerworld.com/securitytopics/security/story/0,10801,10006 1,00.html By Joanne Morrison FEBRUARY 26, 2005 REUTERS Computer tapes containing credit-card records of U.S. Senators and more than a million U.S. government employees are missing, Bank of America said yesterday, putting the customers at increased risk of identity theft. The security breach, which included data on a third of the Pentagon's staff, angered lawmakers already concerned after criminals gained access to thousands of consumer profiles in a database maintained by a data profiling company, ChoicePoint Inc. (see story) Bank of America Corp. did not release details of how the tapes were lost, but Sen. Charles Schumer, a New York Democrat, said he had been informed by the Senate Rules Committee that the data tapes were likely stolen off a commercial plane by baggage handlers. "Whether it is identity theft, terrorism or other theft, in this new and complicated world baggage handlers should have background checks and more care should be taken for who is hired for these increasingly sensitive positions," Schumer said. Social security numbers, addresses and account numbers were on the tapes for 1.2 million account holders, of which about 900,000 belonged to Defense Department employees, Defense Department spokesman Bryan Whitman said. The tapes contained information from the accounts of dozens of U.S. Senators and from employees of federal agencies, officials monitoring the situation said. Bank of America said the small number of computer data tapes were lost in December while being shipped to a back-up data center. [...] _________________________________________ Bellua Cyber Security Asia 2005 - http://www.bellua.com/bcs2005
This archive was generated by hypermail 2.1.3 : Wed Mar 02 2005 - 12:05:04 PST