Citigroup Gives Up The Data Goods On Millions

from the privacy?--bah dept

Mel and Carlo both submitted this story at the same time, saying that Citigroup has leapfrogged their way into the lead of the contest for the most egregious data privacy breach by losing detailed info on 3.9 million customers, including "Social Security numbers, names, account history and loan information about retail customers, and former customers." If history is any guide, the numbers will probably go up. Also, the company seems fairly laid back about the breach, noting that they're sorry about it, but taking a tone that suggests, you know, these things happen. They also mention that starting in July, they'll start encrypting such data. Update: Ah yes, it's been pointed out that I left out the best part of all of this. The data was lost by UPS (what can Brown do for your data privacy?) who was transferring the backup tapes around.

Reader Comments

Subscribe: RSS

View by: Time | Thread

  • identicon
    Jared, 6 Jun 2005 @ 12:38pm


    I believe I heard it in a movie once - "Don't try to frighten us with your sorcerer's ways...your sad devotion to that ancient religion hasn't helped you conjur up the stolen data tapes..."

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Jun 2005 @ 2:46pm

    Beware UPS

    My brother worked there for a while, just long enough that they didn't have to pay him benefits of course, just like everyone else. He saw a lot of things "disappear" off the truck. Thinking of insuring your package? UPS will mark it with a sticker indicating that it is insured. The employees see the sticker and that package has less chance of making its way to the destination, especially if it is small.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward II, 9 Jun 2005 @ 1:20pm

      Re: Beware UPS

      1. If your brother was a driver - his benefits package is determined by Teamsters.
      2. UPS does not sticker (or mark) insured packages.

      reply to this | link to this | view in chronology ]

  • identicon
    Bill, 7 Jun 2005 @ 5:31am

    Not Backups..

    My understanding is these were tapes destined for a credit reporting agency. It also appears they were not encrypted. Now I have to verify that my business follow the new PCI vaildation system invented by Citigroup and others that requires me to preform due diligence with all my credit card data. And have a seperate company certified by Citigroup do the testing of my security. Which ironically includes that I encrypt all backup and transfered data plus 10 more pages of security requirements.
    Dont do as I do, do as I say.

    reply to this | link to this | view in chronology ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: I Invented Email
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.