Security News > 2005 > February > Bank loses credit-card info of 1.2M federal workers
http://www.computerworld.com/securitytopics/security/story/0,10801,100061,00.html By Joanne Morrison FEBRUARY 26, 2005 REUTERS Computer tapes containing credit-card records of U.S. Senators and more than a million U.S. government employees are missing, Bank of America said yesterday, putting the customers at increased risk of identity theft. The security breach, which included data on a third of the Pentagon's staff, angered lawmakers already concerned after criminals gained access to thousands of consumer profiles in a database maintained by a data profiling company, ChoicePoint Inc. (see story) Bank of America Corp. did not release details of how the tapes were lost, but Sen. Charles Schumer, a New York Democrat, said he had been informed by the Senate Rules Committee that the data tapes were likely stolen off a commercial plane by baggage handlers. "Whether it is identity theft, terrorism or other theft, in this new and complicated world baggage handlers should have background checks and more care should be taken for who is hired for these increasingly sensitive positions," Schumer said. Social security numbers, addresses and account numbers were on the tapes for 1.2 million account holders, of which about 900,000 belonged to Defense Department employees, Defense Department spokesman Bryan Whitman said. The tapes contained information from the accounts of dozens of U.S. Senators and from employees of federal agencies, officials monitoring the situation said. Bank of America said the small number of computer data tapes were lost in December while being shipped to a back-up data center. It said there was no evidence of crime resulting from the loss but the U.S. Secret Service was investigating the case. No thefts Although the tapes were lost months ago, bank officials were only allowed to notify cardholders when they received permission from federal law enforcement authorities, Bank of America spokeswoman Eloise Hale said. "The investigation to date has found no evidence to suggest the tapes or their content have been accessed or misused, and the tapes are now presumed lost," the bank said in a statement. Sen. Patrick Leahy, a Vermont Democrat, said he hoped the fact that Senate information was among the lost data would spur Congress to pay attention to a "rapid erosion of privacy rights" due to faulty data security. Bank of America, based in Charlotte, N.C., said it would monitor customer accounts detailed on the data tapes and cardholders would be contacted if unusual activity is detected. It said government cardholders would not be liable for unauthorized use of their cards. Officials at the General Services Administration, which manages federal employee travel credit-card accounts, could not be reached for comment but U.S. banking regulators said they were tracking the case. "The bank notified us and we've been monitoring the situation," said Kevin Mukri, a spokesman for the Office of the Comptroller of the Currency, which regulates Bank of America. Bank of America routinely ships back-up data tapes for storage at different locations in case any offices are damaged by fires or flood. The Defense Department has posted information about the issue for its employees on its Web site. (Additional reporting by Aleksandrs Rozens and Michele Gershberg in New York, and Andrea Shalal-Esa and Mark Felsenthal in Washington) _________________________________________ Bellua Cyber Security Asia 2005 - http://www.bellua.com/bcs2005
News URL
http://www.computerworld.com/securitytopics/security/story/0,10801,100061,00.html