Why Steal Personal Information? 2 Mass Papers Give It away - Stripers247.com Forums
 
Striped Bass Fishing Site Map | Contact Us | Fishing Log Software | Fishing Online | Advertise
to UPLOAD: please register or login

Go Back   Stripers247.com Forums > Striper Information & Services > Information - Security - Help Center
Forgot Password? Register Now!!

Information - Security - Help Center Need help with the forum? Have questions about the forum? Got an idea or suggestion for us? Also, find info on computer security & misc other goodies here.


Reply
 
Thread Tools
  #1  
Old 02-11-2006, 12:34 AM
Striperjim's Avatar
Striperjim Striperjim is offline
Registered User
 
Join Date: Mar 2004
Location: Planet Earth
Posts: 4,316
Default Why Steal Personal Information? 2 Mass Papers Give It away

Two Massachusetts newspapers owned by The New York Times Company (the Boston Globe and Worcester Telegram & Gazette) have admitted that they sent out routing slips attached to NINE THOUSAND bundles of newspapers that contained ONE QUARTER OF A MILLION customer/subscriber names and credit card numbers.
According to Money Magazine, no reports of abuse have been received (aside from subscribers banging their heads into their coffee table as they put fraud alerts on their credit files). The information was accidentally released because the companies recycle used paper (they use both sides of every slip of paper - novel idea, bad implementation).

What failed here?
1) Inadequate information destruction / retention policy. There should be absolutely NO REASON for sensitive information like this ending up in a pile of paper to be recycled. Any paper containing potentially sensitive information should be shredded after use or placed into lockable 'destruction bins' that can be securely emptied and destroyed at a later date by authorized personnel.
2) Failure to test internal security controls. Who was watching the barn door at these two companies? Does their information security officer perform random inspections of these piles of recycle paper? Of their trash? Hell, do they even HAVE an information security officer? Now would be a good time to appoint a trained professional.
3) Failure to educate the work force. Employees should be periodically trained and reminded to look for such blunders, and given a special way to report such problems so that IMMEDIATE REMEDIATION can occur.
The Boston Globe and Worcester Telegram & Gazette now join a proud group of companies (like BofA, CardSystems, Guidance Software, etc.) who are a shining example of what can go wrong when your internal controls fail.

Congrats, guys.
__________________
How inappropriate to call this planet Earth when it is quite clearly Ocean.
Arthur C. Clarke
Reply With Quote
Sponsored Links
Advertisement
 
Reply

Bookmarks

Tags
give, information, mass, papers, personal, steal

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 02:40 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2004 - 2013 Stripers247.com LLC
Affiliated Sites:   Noreast.com   Allcoast.com    2coolfishing.com