in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

More On TD Bank Data Breach Involving Backup Tapes

Encryption software is not a magical cure-all for digital data woes, but it certainly can cut down on the risks of them coming to fruition.  Take, for example, the TD Bank data breach that I had blogged about earlier this month.

In that particular case, computer tapes that contained Social Security numbers and other sensitive personal data were lost, and those affected by the breach remained ignorant of the fact for eight months.

I found an update on that situation.  Nothing new, but more details.

Explanation on How Tapes Lost Still Not Forthcoming

The new details that I've found, according to onlinesentinel.com:

  • TD Bank has 54 branches in Maine alone.
  • The bank has more than 7.4 million clients and over 1,275 retail locations.
  • The tapes were lost in Massachusetts.
  • The number of people affected was not revealed (but I found earlier reports that 267,000 people were affected).

Maine Law Does Not Have Deadline for Notifying Residents Affected by Breaches

Maine has a data breach notification law in place.  I also know that there isn't a deadline by which people must be notified.  Instead, the law requires people to be notified as soon as possible, a condition that is not exclusive to Maine only.

And -- surprise, surprise -- that means that you'll see instances where a company that has been victim to a data breach will wait for a long time before notifying those who are most at risk: clients whose information has been breached.  I'm not sure why the law was drafted the way it was.  It's only logical that companies would end up using soft deadlines to their advantage.

Can we expect the state of Maine to update legislation to change what is an obvious shortcoming?


Related Articles and Sites:
http://www.onlinesentinel.com/news/td-bank-says-it-worked-diligently-to-find-lost-tapes_2012-10-10.html

 
<Previous Next>

Weak Encryption: Researchers Crack Encryption On Australian Public Transportation

Maine Personal Information Data Privacy Notification And Encryption Laws: Title 10 §1346 - §1350

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.