in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Laptop Disk Encryption: Coca-Cola Sued For January 2014 Laptop Theft (and Recovery)

I learned via databreaches.net that Coca-Cola has been sued over a data breach that occurred earlier this year: laptop computers, that were not protected with disk encryption software like AlertBoot, were stolen by a (former) employee.  While certain details weren't as forthcoming at the time, it was obvious that the employee's misdeed was made easy by the fact that the computers were marked for disposal… and he was in charge of disposing of them.

Why the Lawsuit?

Perhaps the latest lawsuit is just more evidence that the US is an overly litigious country: all the computers that were stolen by the wayward employee were recovered, as I noted in a previous entry.  Indeed, these had been recovered by the time the breach notification letter had been sent to affected employees.

On the other hand, the fact that they contained sensitive personal data and were easily accessible (remember, the laptops don't appear to have been protected with encryption software) does mean there is room for concern, however slight it may be.  What guarantees do affected employees have that their information was not stolen and sold prior to the laptops being recovered?

Had encryption been in place – quite unlikely, as I explained in my previous entry on the Coca-Cola breach – the company would probably see the case thrown out of court.  Among other things, Georgia is one of the many states that provides safe harbor from data breaches if sensitive information is encrypted.  But, as the company admitted, the laptops were not encrypted, apparently due to an oversight.

Something else that may have impacted the decision to go to court: 55 laptops were involved, according to the short blurb I can read at law360.com.  Losing a couple of laptops is one thing; losing 55 is something else.  My initial surprise wore off pretty quickly, but I can see how an individual who was directly affected by the breach might still be seething.

Related Articles and Sites:
http://www.databreaches.net/coca-cola-sued-over-stolen-laptops-breach/
http://www.law360.com/articles/595455/coca-cola-hit-for-privacy-breaches-from-stolen-laptops
http://online.wsj.com/articles/SB10001424052702304632204579341022959922200
 
<Previous Next>

Data Security: Home Depot's Execs Switch To Macs, iPhones After Data Breach

Laptop Encryption: Don't Forget To Use Strong Passwords

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.