Irish insurance data loss is 50,000 more reasons to protect customer data says Origin Storage
"Actually it's 50,000 reasons, as each one of the people whose details have been lost will be a customer, or someone who has requested a quote from the insurance firm. And if they ever get to find out what has happened - which is quite likely as the news of this data loss gets out to a wider audience - they will not be well disposed towards the company," he said.
"Even if only 10 per cent of customers hear about the potential data loss and decide to take their business elsewhere, and assuming each customer's business is worth 200 euro, that still a million euro-worth of lost business that could result from this incident," he added.
According to Cordial, whose company supplies a wide range of encrypted and multi-layered protection hard drives plus allied storage solutions, the data loss appears to stem from a tape that was ordered but never arrived, suggesting that the insurer may be looking at a smaller-scale rerun of the infamous HMRC data disk loss that hit the headlines in November 2007.
In that incident (http://bit.ly/9IsNO), which involved the potential loss of millions of child benefit claimant's data, questions were asked why the data was not protected with suitable encryption.
And, says the Origin Storage MD, you have to start to ask the same question with regard to this tape loss, as here we are - approaching four and a half years down the data security turnpike - and no lessons appear to have been learned by IT professionals.
The simple fact of the matter, Cordial explained, is that easy-to-use encryption solutions exist today that can support on-the-fly encryption and decryption within the storage device itself, meaning that if a tape is then removed, the data it holds is fully protected.
In this case, he said, whilst the full facts of the tape loss have yet to be revealed, it seems that around 1,000 customers are located in the UK, and that the data lost includes client's name, address and bank account details.
"This is perfect identity theft material, and can be allied with criminally-obtained data to provide fraudsters with enough ammunition to start defrauding people. The fact that the company claims that only an experienced IT specialist could access this data is laughable," he said.
"Ask any tape storage systems sales person - maybe even one of our staff here at Origin Storage - how to access the data on the tape, and s/he would soon come up with the goods. And if our sales guys and girls can do this, the cybercriminals out there almost certainly can as well," he added.
"This is a large-scale data breach that, given Ireland's population, probably ranks as one of the largest in the Republic's history. The case will cost the company money in several ways, not least when the Irish and UK data protection authorities get more involved."
For more on Origin Storage: www.originstorage.com
For more on the Phoenix Ireland data loss: http://bit.ly/hSKZBK
Press releases you might also be interested in
Weitere Informationen zum Thema "Sicherheit":
Neue Unsicherheit für den Datenaustausch in der Cloud
Unternehmen müssen wie selbstverständlich Daten von Kunden austauschen, auch von Ländern der EU in die USA. Durch einen neuen Gerichtsbeschluss sind die dafür aktuell gültigen rechtlichen Bestimmungen – Standardvertragsklauseln und/oder das sogenannte „Privacy Shield“-Verfahren - neuerlich unsicher.Weiterlesen