Citigroup Gives Up The Data Goods On Millions

from the privacy?--bah dept

Mel and Carlo both submitted this story at the same time, saying that Citigroup has leapfrogged their way into the lead of the contest for the most egregious data privacy breach by losing detailed info on 3.9 million customers, including “Social Security numbers, names, account history and loan information about retail customers, and former customers.” If history is any guide, the numbers will probably go up. Also, the company seems fairly laid back about the breach, noting that they’re sorry about it, but taking a tone that suggests, you know, these things happen. They also mention that starting in July, they’ll start encrypting such data. Update: Ah yes, it’s been pointed out that I left out the best part of all of this. The data was lost by UPS (what can Brown do for your data privacy?) who was transferring the backup tapes around.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Citigroup Gives Up The Data Goods On Millions”

Subscribe: RSS Leave a comment
Anonymous Coward says:

Beware UPS

My brother worked there for a while, just long enough that they didn’t have to pay him benefits of course, just like everyone else. He saw a lot of things “disappear” off the truck. Thinking of insuring your package? UPS will mark it with a sticker indicating that it is insured. The employees see the sticker and that package has less chance of making its way to the destination, especially if it is small.

Bill says:

Not Backups..

My understanding is these were tapes destined for a credit reporting agency. It also appears they were not encrypted. Now I have to verify that my business follow the new PCI vaildation system invented by Citigroup and others that requires me to preform due diligence with all my credit card data. And have a seperate company certified by Citigroup do the testing of my security. Which ironically includes that I encrypt all backup and transfered data plus 10 more pages of security requirements.
Dont do as I do, do as I say.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...