Citigroup Gives Up The Data Goods On Millions

from the privacy?--bah dept

Mel and Carlo both submitted this story at the same time, saying that Citigroup has leapfrogged their way into the lead of the contest for the most egregious data privacy breach by losing detailed info on 3.9 million customers, including "Social Security numbers, names, account history and loan information about retail customers, and former customers." If history is any guide, the numbers will probably go up. Also, the company seems fairly laid back about the breach, noting that they're sorry about it, but taking a tone that suggests, you know, these things happen. They also mention that starting in July, they'll start encrypting such data. Update: Ah yes, it's been pointed out that I left out the best part of all of this. The data was lost by UPS (what can Brown do for your data privacy?) who was transferring the backup tapes around.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Jared, Jun 6th, 2005 @ 12:38pm

    Movie?

    I believe I heard it in a movie once - "Don't try to frighten us with your sorcerer's ways...your sad devotion to that ancient religion hasn't helped you conjur up the stolen data tapes..."

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Jun 6th, 2005 @ 2:46pm

    Beware UPS

    My brother worked there for a while, just long enough that they didn't have to pay him benefits of course, just like everyone else. He saw a lot of things "disappear" off the truck. Thinking of insuring your package? UPS will mark it with a sticker indicating that it is insured. The employees see the sticker and that package has less chance of making its way to the destination, especially if it is small.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Bill, Jun 7th, 2005 @ 5:31am

    Not Backups..

    My understanding is these were tapes destined for a credit reporting agency. It also appears they were not encrypted. Now I have to verify that my business follow the new PCI vaildation system invented by Citigroup and others that requires me to preform due diligence with all my credit card data. And have a seperate company certified by Citigroup do the testing of my security. Which ironically includes that I encrypt all backup and transfered data plus 10 more pages of security requirements. http://usa.visa.com/business/accepting_visa/ops_risk_management/cisp.html?ep=v_sym_cisp
    Dont do as I do, do as I say.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward II, Jun 9th, 2005 @ 1:20pm

    Re: Beware UPS

    1. If your brother was a driver - his benefits package is determined by Teamsters.
    2. UPS does not sticker (or mark) insured packages.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This