[ISN] Stolen tape puts Bristol-Myers employee data at risk

From: InfoSec News <alerts_at_private>
Date: Wed, 23 Jul 2008 02:38:47 -0500 (CDT)

By Brian Fonseca
July 22, 2008 

Bristol-Myers Squibb Co. officials last week confirmed that a 
nonencrypted backup tape containing the personal data of current and 
former employees and their dependents was stolen on June 4 from a 
delivery truck carrying the device.

Bristol-Myers spokeswoman Laura Hortas said the New York-based 
pharmaceutical company began notifying current, former and retired 
employees by mail on June 12 about the missing backup tape. 
Bristol-Myers would not disclose how many people are affected by the 

However, according to a security breach notification letter (download 
PDF [1]) sent by the company to the New Hampshire Attorney General's 
office, the personal data of 458 residents of that state was stored on 
the stolen tape.

[1] http://doj.nh.gov/consumer/pdf/bristol-myers.pdf


Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com
Received on Wed Jul 23 2008 - 00:38:47 PDT

This archive was generated by hypermail 2.2.0 : Wed Jul 23 2008 - 00:45:34 PDT