Welcome to the SecAware blog

I spy with my beady eye ...

22 Apr 2006

Boeing worker data on stolen laptop

The Seattle Times reports yet another security breach involving the potential compromise of thousands of confidential personal details. "The laptop was grabbed from a Boeing human-resources employee at an airport," said company spokesman Tim Neale. "The laptop was password-protected and was turned off," he said. But the file containing the names, Social Security numbers and in some cases, addresses and phone numbers for 3,600 current and former employees was evidently not encrypted, despite a directive issued five months ago to remove or encrypt all sensitive information on laptops.
Whereas a few years ago it would have been infeasible for anyone to carry 3,600 personnel records without a large trolley for the filing cabinets, all modern laptops have sufficient hard disk space for the data and a whole lot more. They also have the CPU capacity to apply strong encryption. Boeing is certainly not alone in failing to apply suitable security measures to protect senstive data on vulnerable hardware.
More confidentiality resources.

No comments:

Post a Comment