[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [Fwd: [Dataloss] Laptop security lapse at BoI shines a light on datasafety]
FYI. Not that Full-Disk-Encryption would have addressed the problem if the FDE was not taking advantage of some crypto module that would lock out the attacker and/or destroy the decryption key after some unsuccessful attempts. Arshad Noor StrongAuth, Inc. ---------- Forwarded message ---------- From: InfoSec News <alerts@infosecnews.org> http://www.independent.ie/business/irish/laptop-security-lapse-at-boi-shines-a-light-on-data-safety-1359869.html By Sharon Lynch independent.ie April 26 2008 LOSING a laptop can be attributed to just plain bad luck, two can be put down to carelessness, however, three and four would send anybody's alarm bells ringing. But this was not the case at Bank of Ireland earlier this week when it emerged that four laptops had been stolen from the institution's investment arm between June and October of last year. The bank said it was only told six weeks ago that three of its unencrypted laptops were stolen from cars and another from the branch. And when it emerged that the laptops had the personal data of 10,000 customers, which were only protected by a password system, a number of questions were raised about the safety of customer information as well as the regulation of security systems. Weak Owen O'Connor at Information Systems Security Association Ireland described the bank's IT security procedure as a "very weak'' level of protection. "If a laptop is unencrypted, a moderately skilled IT person will be able to access all information on the files," he said. [..] [AN] And an update: http://www.rte.ie/news/2008/0428/boi.html The number of Bank of Ireland customers affected by the theft of laptops last year has risen to over 30,000, RT News has learned. Following futher investigations by the bank, it has emerged that details of more customers were on the four missing laptops than previously thought. Last week, the bank said that medical records, bank account details, names, addresses and dates of birth of 10,000 customers were on the laptops.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]