[ISN] Bank loses credit-card info of 1.2M federal workers
isn at c4i.org
Wed Mar 2 12:29:34 EST 2005
Forwarded from: Dennis Kezer <Dennis at kezer.org>
Based on what is in this story there was absolutely no technical
protection on these tapes and anyone with the correct drive should be
able to mount them and capture the data. A corporation of this size
should be using a backup application that can provide at least
From: InfoSec News <isn at c4i.org>
Sent: Monday, February 28, 2005 5:37 AM
To: isn at attrition.org
Subject: [ISN] Bank loses credit-card info of 1.2M federal workers
By Joanne Morrison
FEBRUARY 26, 2005
Computer tapes containing credit-card records of U.S. Senators and
more than a million U.S. government employees are missing, Bank of
America said yesterday, putting the customers at increased risk of
The security breach, which included data on a third of the Pentagon's
staff, angered lawmakers already concerned after criminals gained
access to thousands of consumer profiles in a database maintained by a
data profiling company, ChoicePoint Inc. (see story)
Bank of America Corp. did not release details of how the tapes were
lost, but Sen. Charles Schumer, a New York Democrat, said he had been
informed by the Senate Rules Committee that the data tapes were likely
stolen off a commercial plane by baggage handlers.
"Whether it is identity theft, terrorism or other theft, in this new
and complicated world baggage handlers should have background checks
and more care should be taken for who is hired for these increasingly
sensitive positions," Schumer said.
Social security numbers, addresses and account numbers were on the
tapes for 1.2 million account holders, of which about 900,000 belonged
to Defense Department employees, Defense Department spokesman Bryan
The tapes contained information from the accounts of dozens of U.S.
Senators and from employees of federal agencies, officials monitoring
the situation said.
Bank of America said the small number of computer data tapes were lost
in December while being shipped to a back-up data center.
More information about the ISN