[Dataloss] Laptop security lapse at BoI shines a light on data safety

security curmudgeon jericho at attrition.org
Mon Apr 28 07:24:42 UTC 2008



---------- Forwarded message ----------
From: InfoSec News <alerts at infosecnews.org>

http://www.independent.ie/business/irish/laptop-security-lapse-at-boi-shines-a-light-on-data-safety-1359869.html

By Sharon Lynch
independent.ie
April 26 2008

LOSING a laptop can be attributed to just plain bad luck, two can be put 
down to carelessness, however, three and four would send anybody's alarm 
bells ringing.

But this was not the case at Bank of Ireland earlier this week when it 
emerged that four laptops had been stolen from the institution's 
investment arm between June and October of last year.

The bank said it was only told six weeks ago that three of its unencrypted 
laptops were stolen from cars and another from the branch.

And when it emerged that the laptops had the personal data of 10,000 
customers, which were only protected by a password system, a number of 
questions were raised about the safety of customer information as well as 
the regulation of security systems.

Weak

Owen O'Connor at Information Systems Security Association Ireland 
described the bank's IT security procedure as a "very weak'' level of 
protection. "If a laptop is unencrypted, a moderately skilled IT person 
will be able to access all information on the files," he said.

[..]


More information about the Dataloss mailing list