Firm's Personal Info Loss Just The Latest In A Proud Line Of Data Leaks

from the good-work dept

Another day, another data leak: a CD containing the personal information of 2.9 million Georgia residents has been lost by a contractor, potentially exposing them to identity theft. Even such a big leak is hardly notable these days, except for one factor -- the disk was lost by Affiliated Computer Services, a company that's been responsible for several other data leaks. An ACS computer got stolen in Denver last November, and on it was personal information of between 500,000 and 1.4 million people in Colorado. A few months earlier, a glitch on a student-loan web site run by ACS exposed the information of 21,000 students, while earlier in the year, credit-card data from seven years' worth of customers was stolen from a system run by ACS at the Denver airport. Rounding out the list -- or at least the list of ACS-related incidents that made it into the media -- is the theft of two of the company's laptops with data on tens of thousands of Motorola employees in May 2005. This company clearly has a problem with protecting personal information, but it doesn't appear that there are ever any repercussions to these losses. It just accepts whatever minimal fines, if any, it has to pay, and paying for some credit monitoring, as a cost of doing business. The fact that these problems keep happening to ACS reflect how seriously many companies take the threat of identity theft -- which is to say, not seriously at all. But perhaps more distressing is that with the company's track record, government officials don't seem to have any problem passing ACS personal information with little to no oversight.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Keith L. Dick, Apr 10th, 2007 @ 9:58pm

    Holly Crap!, will this ever end??...

    From the looks of it it may never...

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    not suprised, Apr 10th, 2007 @ 11:00pm

    cradel to grave

    I can't imagine this can go on too much longer. However, I don't see an entity willing to stop it.
    I have experience with identity theft form beginning to end.
    My wife's ID was stolen under her maiden name 1 year after our marriage. She can prove that she was in labor with our first child at the exact time that some major transactions took place across the country. The creditors deduced that she must have loaned credit/phone calling cards to someone for the express purpose of fraud. NICE!
    I have a friend that is retired who buys, for resale, abandoned storage lockers. He acquired through auction a storage space packed to the brim with fraudulent driver’s license, and credit card manufacturing supplies. He finally was forced to drive to a county facility to surrender the equipment as no local law enforcement agency was willing to feign interest.
    I work in industry, and do my very best to insure that customer data is safe upon any machine that I administrate. When I see firms that somehow work the hemorrhaging of personal data into the cost of doing business I am reminded that no one seems to care. The lending agency writes it off as bad debt, the offending company is slapped on the wrist and law enforcement states lack of resources. Who in this twisted ecosystem is left unprotected?
    YOU!

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    You never know, Apr 11th, 2007 @ 6:01am

    And this surprises anybody? Let it happen to some political leader and see who catches hell.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Warren P Konitshek, Apr 11th, 2007 @ 6:24am

    I guess they don't care about customers

    I would think that companies like ACS would keep Data information like a TOP SECRET FILE.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Fred Flint, Apr 11th, 2007 @ 7:22am

    It won't get better.....

    .... because the senior management of these all these companies and organizations involved simply don't care because it isn't their data!

    You'd best believe, their data is very, very secure, just like yours should be.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    joe shmoe, Apr 11th, 2007 @ 8:16am

    This could have been avoided (obviously)

    I work on the security staff for a national retailer and we are trying to avoid situations like this. Many of our users who might have access to personal or confidential data travel quite frequently and for that reason (and just because it's a good thing to do) we encrypt the workstations/laptops and we're working toward forcing the encryption of any data copied to removable devices (burning cd's, usb devices, etc..). Just seems odd that this happened to the same company more than once, there CIO must have his head up his a$$.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Question, Apr 11th, 2007 @ 9:16am

    Fines?

    Anyone know how much the fines were?

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This