Chase Data for 2.6 Million Ends up in Landfill
svonkie writes to mention a ComputerWorld story about some bad news for some 2.6 million Chase credit card customers. These folks are being told that tape backups with their information were mistakenly thrown away back in July. There's apparently no need to worry about the possibility of compromised personal information; the company believes the tapes were destroyed at a landfill. Just the same, "To prevent similar incidents, Chase said it is strengthening its security procedures and is conducting a review of all data storage and protection processes. Chase began notifying the affected customers about the incident yesterday and said the process is expected to take two to three weeks. The company is offering one year of free credit monitoring to people whose Social Security numbers were on the tapes."
If they think the tapes were destroyed, how do they know exactly which card numbers were on the tapes? I mean they may know the bulk, but not all, right? Or would they? If they got rid of the tapes, would they still have the indexes?
Interesting timing. Just a moment ago I opened my mailbox and found a letter from the Department of Veterans Affairs. It seems they found the stolen hard drive that contained personal info on 26.5 million veterans. According to the letter, the FBI found the laptop and hard drive.
As a further backup, the VA has "obtained data breach analysis services as a means of further ensuring no misuse of this data occurs in the future."
Like Chase, the VA is "thoroughly examining every aspect" of their information security program. In the case of the VA snafu, an employee took the laptop home in violation of VA policy. The rash of these incidents makes me wonder how we can expect any sort of large organization to keep a lid on data spills like these, given that most people can't be bothered with basic security precautions even on their own computers. Even if the VA spends millions upon millions of dollars upgrading their security technology and processes (which of course will draw the wrath of opponents of government waste), I'm not sure it will make much difference.
I was working on a project with Equifax, one of the companies that keeps a repository of consumer credit data. We were setting up a VPN to their internal network. I offered to give them my public key so they could encrypt some configuration data. They promptly sent it all in the clear, keys and everything.
*sigh*
The sad part is there doesn't appear to be an effective evolutionary mechanism to rid the gene pool of such undesirable traits. Maybe this guy should be in charge of their data security, to help make sure the clueless don't contaminate the rest of the world.