Slashdot Mirror

← Back to Stories (view on slashdot.org)

SAIC Loses Data of 4.9 Million Patients

Posted by Unknown on from the keep-them-tapes-safe dept.

An anonymous reader writes "Government contractor SAIC just can't seem to get a break. Still fresh off of the Citytime scandal, they've now had a data breach in which backup tapes holding 4.9 million personal health records were stolen from an employee's car. To add insult to injury, evidently the tapes were not encrypted either: 'Tricare did not indicate whether SAIC encrypted the information on the stolen tapes, but Raley said, "It's very hard to encrypt a backup tape."'"

7 of 182 comments (clear)

  1. LOL by afidel · · Score: 4, Informative

    Hard to encrypt tape?!? Every LTO5 and most LTO4 drives support hardware AES encryption!

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  2. My professional opinion by subreality · · Score: 4, Informative

    It's very hard to encrypt a backup tape.

    I think I speak for everyone when I say: Fuck you, no it's not. I don't have any problems encrypting my personal backups even though I have nothing more private to protect than porn. You people are supposed to be professionals. Telling people their data is safe because it would require "special hardware and software" to read the tapes is pathetic. Get your shit together, sir.

    1. Re:My professional opinion by mlts · · Score: 4, Insightful

      Nail. Head. Hit.

      "special hardware and software" gets me...

      A LTO-5 drive and access to GNU tar or cpio is an alt-tab away for a number of IT people.

  3. Re:Espionage? by Nkwe · · Score: 3, Insightful

    What's the probability that someone breaks into your car and steals computer tapes?

    Maybe not as high as an employee selling the tapes and claiming that they were stolen.

  4. Re:!surprised by MagikSlinger · · Score: 3, Informative

    SAIC's greatest FAILs:

    Wow. The hits just keep coming...

    --
    The bitter lessons of a veteran coder: http://bitterprogrammer.blogspot.com
  5. Re:A few facts distilled from TFA by Tekfactory · · Score: 3, Insightful

    Well if it's a strictly Government program HIPAA isn't its regulatory framework. They'd still have a requirement to protect Personally Identifiable Information under FISMA act of 2002 and OMB Memorandum 06-16 which came out after the VA lost their records. Among other things M06-16 requires you to encrypt senstivie data on mobile media and data in transit.

  6. Re:Very hard to encrypt a backup tape? by Bucky24 · · Score: 3, Informative

    When was the last time we read a story, "Iron Mountain lost backup tapes uber confidential data."??

    Every time that happens they kill all the witnesses. So no one ever knows...

    --
    All the world's a CPU, and all the men and women merely AI agents