Skip to content

DBAzine.com

Sections
Personal tools
You are here: Home » Blogs » Craig Mullins Blog » Craig Mullins: Perspectives on Database Management » 330K Names and SSNs "Lost"
Who Are You?
I am a:
Mainframe True Believer
Distributed Fast-tracker

[ Results | Polls ]
Votes : 568
 

330K Names and SSNs "Lost" 330K Names and SSNs "Lost"

In which we review another case of mistreated data and review the meaning of the word "lost"...
Computerworld reports on yet another case of "lost" data. This time it is a hard drive that holds the names, addresses and Social Security numbers of just about all of the members of the American Institute of Certified Public Accountants (AICPA). The total number of members impacted is 330,000 and the disk drive has been missing since February.

Computerworld reports:

The hard drive had been accidentally damaged by an AICPA employee and was sent out for repair to an external data-recovery service in violation of the AICPA's policies, said Joel Allegretti, a spokesman for the New York-based organization. It was on its way back to the AICPA via FedEx but failed to arrive. Allegretti did not say when exactly the drive went missing except to note that the package containing it was due back at the AICPA "toward the end of February."

OK, so here is another example of data that should have been protected better. Why wasn't this data encrypted? And, IMHO sensitive data should not be sent through the mail (any type of mail - USPS, FedEx, UPS, etc.).

The most ridiculous piece of this article is the statement made by the FedEx spokesman. His quote is as follows: "We did handle the shipment, and we are working closely and cooperatively with our customer to determine where the package might be," he said. "It is still being investigated. At this point, we are looking at it as a missing shipment; that doesn't mean it's lost."

So if it isn't "lost" then where is it? If you can't tell me, then it is lost. If you disagree with this, might I refer you to the dictionary for clarification of what it means to lose something. How about this: "to miss from one's possession or from a customary or supposed place." Gee, that sounds like what happened to this hard drive; it sure isn't in its customary or supposed place, is it?

It is bad enough when politicians stoop to double-speak, but when businesses don't step up and admit to their mistakes in clear, ungarbled verbiage, then maybe it is time to take our business elsewhere.

Of course, that's just my opinion... what do you think?


Sunday, June 11, 2006  |  Permalink |  Comments (0)
trackback URL:   http://www.dbazine.com/blogs/blog-cm/craigmullins/blogentry.2006-06-11.4231146730/sbtrackback
Craig Mullins
Data Management Specialist
Bio & Writings
Subscribe to my blog Subscribe to my blog
« June 2006 »
Su Mo Tu We Th Fr Sa
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30  
2006-06-01
10:04-10:04 The Latest on Data Professional's Salaries
2006-06-03
17:41-17:41 IT Commandments?
2006-06-05
11:00-11:00 Credit Card Data Stolen
2006-06-06
14:45-14:45 Another Stolen Laptop Causes Data Breach
2006-06-09
15:37-15:37 Exactly What Is Needed!
2006-06-11
20:59-20:59 330K Names and SSNs "Lost"
2006-06-15
01:52-01:52 Congress Weakening Data Privacy
2006-06-20
18:14-18:14 Reactive, But at Least a Response
2006-06-21
23:16-23:16 Wait-a-Second, Who Owns My Data?
 
 
Powered by Plone