Slashdot Mirror
3.9 Million Citigroup Customers' Data Lost
Rick Zeman writes "CNN.com is reporting that United Parcel Service has lost backup tapes containing the identies of 3.9 million Citigroup customers. According to UPS, '... a "small package" containing data storage tapes was lost while being transferred to a credit reporting bureau.' According to Citigroup, they 'included Social Security numbers, names, account history and loan information about retail customers, and former customers, in the United States.'"
A week hasn't gone by this year that some major data warehouse hasn't been "broken into". When are these people going to start taking our privacy and their security a little more seriously...
"A truly wise man realizes he knows nothing."
There is no reason why this data needs to be shipped together. Citigroup should keep social security numbers serparate from names, separate from account history, separate from address, etc. All this can be assembled when needed and it would make it much harder to steal useful data or for a criminal to make use of any lost tapes.
The global economy is a great thing until you feel it locally.
Regardless of who they used, why didn't they have some sort of encryption on the data? I'm not blaming UPS, I'm blaming Citibank...
"A truly wise man realizes he knows nothing."
You are so full of crap you damn UPS apologist.
.1% of all packages either get damaged or lost during shipping
>
You obviously have zero experience in the shipping field despite your claim to have worked for UPS. It isn't uncommon at times to have 100 times that percentage of packages lost or damanged by us. We are a union shop so the lazy thugs we have can get away with anything. For example at the terminal where I work, a local jewelry store went out of business and shipped-out about four dozen nice watches to a broker. Now almost every employee at this terminal has a nice brand-new watch. Another example, Kel-Tec CNC released a new pistol a couple of years ago. One of the drivers here picked-up the first few batches of pistols from them. Not a one of them made it to the FFL's who ordered them. The BATF couldn't even get UPS to take action against the union.
In both cases UPS couldn't fire a single person. Our union allows us to damage or steal as much as we want to. Your 0.1% number is complete crap. If you're shipping something worthless, broken, or bulky that's not worth the time for a union member to steal, you might only have that small of a loss. Otherwise, my coworkers can and will steal. And good luck colleting from UPS. We pay-out on less than 2% of the packages that are damaged and on less than 5% of the packages lost.
Skinner
quote.."Beginning in July, this data will be sent electronically in encrypted form,""
You wouldnt believe the amount of software and infastructue is current being expended to meet this deadline. I'm working on it now, Sounds easy doesnt it? Its not.
No, no, no. That would be to much thought.
More than likely they paid a consultant $3.5 million dollars to setup a secure backup system which would work flawlessly. Bought it. Installed it...
And then new IT director-minion-worked-at-walmart-last-week went in to "optimize" the server and kill any "useless" processes that were making it run slow, and killed the encryption process.
And then of course they backup for two years without encryption until they hire a $8 an hour "casual" to "catalog" and "clean up" the archives -- and he discovers that they aren't encrypted. Notifies his boss who really doesn't understand -- and nothing happens.
And then they have a security breach and are "caught off guard". Heads roll, new consultants are hired, and the process begins again.
Well, at least that's what seems to happen where I work.