Ohio Data Leak Gets Pinned On The Intern

from the passing-the-buck-eye dept

You might remember the recent data leak in Ohio, where personal info on a million or so people was lost, after a storage device containing it was stolen from an intern's car. The intern, who apparently took the device home with him as part of a security protocol, has now been fired by the state, and says he's being made the scapegoat for the loss. Despite the governor's claims to the contrary, of course the intern's being scapegoated, even though he apparently was just doing what he was told. That's how things work with data leaks: the buck is passed, and responsibility shirked. In this instance, the state can say the responsible party has been fired, glossing over the fact that he was apparently just following directions he'd been given, and that the real problem here was a flawed security plan that was either devised by an idiot, or, more likely, by somebody who didn't take the security of other people's personal info very seriously. That's the problem here: nobody seems to care when it's other people's data. There are never any real ramifications from these leaks, as long as companies or governments are seen to have some security plan in place, even if it's not a good one. Until that changes -- and the scapegoating and responsibility shirking stops -- data leaks and breaches are going to keep on coming.

Filed Under: data breaches, identity theft, ohio, security


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Doug Logan, 28 Jul 2007 @ 7:45am

    Why was an intern given so much sensitive data?

    While I also agree that the intern probably should have at least locked his car, why was an intern given so much sensitive data? Who is to say that the tape wasn't just "stolen"? Back when there was that whole scandal where social security # information from the bank was being sold the article I read talking about the people being busted stated that they were being paid $1 or more per social security number. If there was even 10,000 social security numbers in that data (and there easily could be on the 100,000's), thats a lot of money for an intern. It was an idiotic decision to trust that data to an intern in the first place, even if there was a policy to take that off site. A more seasoned IT individual might have at least thought about the potential risks associated with the data being lost and would have taken more measures (e.g. bring it into their house).

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.