Bank Of America Loses 1.2 Million Customer Records 299
Christopher Reimer writes "C|Net is reporting that Bank of America lost 1.2 million customer records when some backup tapes went missing while being shipped to a backup center. The lost records mainly effect U.S. government employees involved in the SmartPay program. From the article: 'The acknowledgment comes as several other cases of businesses losing consumer information have come to light.'"
I wonder how long ago they found out about this? (Score:5, Interesting)
ChoicePoint execs sold shares before theft news
ChoicePoint Inc.'s top two executives made a combined $16.6 million in profit from selling company shares in the months after the data warehouser learned that people's personal information may have been compromised and before the breach was made public, regulatory filings show. ChoicePoint's stock has dropped about 10 percent since last week when the company announced that criminals had duped it into allowing them access to its massive database. Alpharetta, Ga.-based ChoicePoint says the stock trading was pre-arranged under a plan approved by the company's board. Corporate governance experts say the pattern and timing of the trading by chief executive Derek Smith and president Douglas Curling raises questions. Smith and Curling did not respond to repeated requests through a spokesman for comment Friday.
Full Story: Twincities.com (Subscription Requred - use bugmenot.com) [twincities.com]
Indeed. (Score:3, Interesting)
Well, I guess they have at most 999,999,999 more transactions until we know that they've blown their *ahem*commitment to their consumers--unless you count each person affected as an error here, in which case we can probably sue them for false advertising. Or at least utter stupidity.
That said, I bet someone mixed those backup tapes in their bedroom with their pornos, in which case roughly half of the Government officials are thanking teh Bank this morning.
Re:Encryption? (Score:2, Interesting)
Aftereffects (Score:3, Interesting)
about yay high (Score:2, Interesting)
Data loss is not acceptable (Score:4, Interesting)
The value of Data (Score:2, Interesting)
The data of a company is one of its most important actives, and forever (long before the computers hage) the companies have tried to lock it, because it shows everything about its costumers, but also it shows everything about the companies themselves.
Now if a bank gets hold of that data, they can browse and find out which are the good customers(a lot of transactions, no problems with payment or delays, big benefits) and try to offer them better conditions than their current ones and which one are the bad customers (little movement, debts, bad financial situation) and must be rejected if they go to their bank.
Aside from the legal and PR stances, the companies own interest is to protect its data, and it is enough to make me sure that some heads have been already cut...
Senate hearings on the way? (Score:3, Interesting)
Re:Encryption? (Score:4, Interesting)
Bank record transportation is (or at least was, before Check21 went into effect) a major and rather vertical industry. The general chain of command is that a courier service picks up "the goods" (cancelled checks, backup tapes, whatever) from a bank, takes the cargo to the nearest airport, and drops it off in one manner or another. Depending on the bank and the courier, the goods are either dropped at the airport Post Office or taken to an airline's cargo input on the ramp.
From there, the obvious happens. Either the items are transported via USPS to their destination, or they fly as commercial cargo and wind up at the destination airport, where another series of couriers collects and delivers it to the receiving location. The article that I saw claimed that BOFA declined to describe how the process works. Well, this is how the process works.
The thing is, bank records are not exactly labeled "PERSONAL FINANCIAL RECORD BACKUPS, TOTALLY SECRET, PLEASE BE CAREFUL." The people who are working as couriers for banks know what they're picking up, but they also know that they're constantly under scrutiny. Once this stuff hits the ramp, it's just cargo as far as airline employees are concerned. It gets on a plane, flies to a destination, and things reverse; ramp agents unload random cargo as far as they know, and then some courier who knows damn well that he's being watched takes it to the receiving bank.
From all accounts, BOFA seems to be blaming ramp agents. I call bullshit. For one thing, nobody goes on or off a ramp without some sort of security check; I should know, I'm on the ramp almost every day. And most of the "secure" cargo flowing through a given ramp is unmarked and can't readily be recognized. The only time you pick up on something "special" is when Customs imounds a shipment.
As far as the explanations I've heard, I say BOFA are full of shit. This wasn't a ramp worker nabbing a case of backup tapes - he'd never have gotten off the ramp. This is negligence one way or another.
Re:about yay high (Score:2, Interesting)
BoA and getting screwed.... (Score:3, Interesting)
I view my banks as necessary evils, and little more. I have my primary checking account with U.S. Bank right now, and for a while, thought they were going to be "above average". They offer free, unlimited online billpay, for example - while many others want to charge monthly fees for using it. Unfortunately, they're teriffic about tossing around service charges and penalties like candy at every opportunity.
For example, a while back, they talked me into getting a VISA card with them, to go along with my checking account and debit card. (They said, if you want overdraft protection on your checking account, this is the only way you can do it. Get our VISA card, and then if your account is ever overdrawn, we'll just charge the difference to the VISA and save you all those bounced check charges, etc.) Sounded good - but it's been a nightmare. When I got divorced, I asked to have my card numbers changed for security reasons. They did, but that broke the relationship between the VISA card and my new bank acct. # - and it took me almost a week to get it resolved. (It was still providing the overdraft protection on the old account number!)
After that, I started having problems where every time my checking account came within $75 or so of being overdrawn, they'd automatically transfer hundreds of dollars over from the VISA, plus service charges, even though I never actually overdrew it at all.
Last week, I rushed to deposit my paycheck before several online billpay payments were due to process. Even though the check cleared on the same day the outgoing payments were scheduled for - they overdrew my account first, and THEN credited the deposit to it. Again, a tactic to maximize their service fees.
Re:about yay high (Score:3, Interesting)
http://www.datalinksales.com/cgi-bin/shop/datstor
They are shipped in a flat white box about 12 x 12 x 1. Usually no other markings other than address label.
Cartridge tapes are smaller.
This sounds like one server reel being lost amongst a full backup.