« Another Kind of Security Issue for MySpace | Main | Microsoft Winning Over Hackers? »

This is like deja vu' all over again. Here's another case of a missing computer potentially compromising identities of over half a million injured workers in New York.
(Hat Tip: Martin McKeay, ComputerWorld Security Blog)

Names, addresses, SSNs of these workers from two workers compensation funds are potentially compromised because the computer storing this information has been stolen. No, let me restate that. To be specific - this computer provided by NY state to the CS Star contracting company is not technically stolen but actually "cannot be located" according to a letter sent to those impacted by this situation.

Now, don't get me wrong. I have some sympathy for that excuse...I tend to be forgetful and sometimes the keys to my car "cannot be located" temporarily on a Monday morning...in 10th grade, at times I was found it necessary to tell my math teacher that my homework "cannot be located"...but I think the state of NY could do a little better than that.

See a trend with this and the Veterans Admin situation? In the near future, there are probably going to be far more identities compromised by careless handling of laptops and other computers than from hackers compromising an electronic transaction. We may transact bits & bytes for a living but we live in a physical world. Security policy enforcement must involve connecting the dots between the two.

Posted by andreyee in Privacy/Information Theft |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/542