More missing data

June 30, 2005

Loren Steffy

Here's yet another security breach of consumer data at a big bank.

In this case, it's Bank of America, which has had problems before. Last month, the names, addresses and Social Security numbers of about 18,000 customers were on a laptop that was stolen from the car of a "consultant" hired by the bank.

A customer in California who read my earlier column on data theft sent me a copy of a letter (PDF document) that B of A mailed to customers last week.

It contains the usual empty assurances from yet another financial institution that doesn't seem to grasp the gravity of the problem or be willing to take the necessary steps for prevention.

A laptop?? They let an outsider put sensitive customer data on a laptop and remove it?? This is a guy they hired to advise on tech support??

I could go on about this, but my counterpart at the San Francisco Chronicle, David Lazarus, had a nice riff of his own on the subject yesterday, so I'll refer you to him.

UPDATE: Bank of America says its buying MBNA, one of the biggest credit-card issuers in the country, for $35 billion. Just think, millions more pieces of sensitive, unencrypted data for the laptop...

main page ATTRITION feedback