Access this Note and more by filling out your information.
When you register you will also receive:
- A Free Trial Membership which provides additional free research and help on your projects
- Access to survey data, contribute to our research, community involvement and much more
(By Info-Tech Analyst James Quin - Printed with permission from Processor magazine www.processor.com).
On Feb. 27, 2008, the Bank of New York Mellon shipped a tape containing the personal information of more than 4.5 million clients to an Archive America offsite storage facility. That tape never arrived. The information contained on the tape included (among other things) names, birthdates, and Social Security numbers—exactly the information desired by identity thieves. Even though the information contained on the tape was clearly of an extremely sensitive nature, encryption was not used. Loss of the tape was not reported until almost a month later, and it has yet to be recovered. Although Archive America lost the tape, BNY Mellon is in the news because the data was entrusted to BNY Mellon by its customers in the first place.
While this is the most serious data breach so far in 2008, it is by no means the only one. According to PrivacyRights.org, through the end of May, there have been 155 acknowledged data breaches of customer data of one kind or another. Some, such as the BNY Mellon incident, involve tape loss, while others occurred as a result of laptop theft/loss, server theft, or inappropriate posting of sensitive data to public access areas. In almost all cases, the data that has gone missing has included Social Security numbers, credit/debit card numbers, or both.