Firm's Personal Info Loss Just The Latest In A Proud Line Of Data Leaks

from the good-work dept

Tue, Apr 10th 2007 9:21pm — Carlo Longino

Another day, another data leak: a CD containing the personal information of 2.9 million Georgia residents has been lost by a contractor, potentially exposing them to identity theft. Even such a big leak is hardly notable these days, except for one factor -- the disk was lost by Affiliated Computer Services, a company that's been responsible for several other data leaks. An ACS computer got stolen in Denver last November, and on it was personal information of between 500,000 and 1.4 million people in Colorado. A few months earlier, a glitch on a student-loan web site run by ACS exposed the information of 21,000 students, while earlier in the year, credit-card data from seven years' worth of customers was stolen from a system run by ACS at the Denver airport. Rounding out the list -- or at least the list of ACS-related incidents that made it into the media -- is the theft of two of the company's laptops with data on tens of thousands of Motorola employees in May 2005. This company clearly has a problem with protecting personal information, but it doesn't appear that there are ever any repercussions to these losses. It just accepts whatever minimal fines, if any, it has to pay, and paying for some credit monitoring, as a cost of doing business. The fact that these problems keep happening to ACS reflect how seriously many companies take the threat of identity theft -- which is to say, not seriously at all. But perhaps more distressing is that with the company's track record, government officials don't seem to have any problem passing ACS personal information with little to no oversight.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

7 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Keith L. Dick, 10 Apr 2007 @ 9:58pm

Holly Crap!, will this ever end??...

From the looks of it it may never...
[ link to this | view in chronology ]
not suprised, 10 Apr 2007 @ 11:00pm

cradel to grave
I can't imagine this can go on too much longer. However, I don't see an entity willing to stop it.
I have experience with identity theft form beginning to end.
My wife's ID was stolen under her maiden name 1 year after our marriage. She can prove that she was in labor with our first child at the exact time that some major transactions took place across the country. The creditors deduced that she must have loaned credit/phone calling cards to someone for the express purpose of fraud. NICE!
I have a friend that is retired who buys, for resale, abandoned storage lockers. He acquired through auction a storage space packed to the brim with fraudulent driver’s license, and credit card manufacturing supplies. He finally was forced to drive to a county facility to surrender the equipment as no local law enforcement agency was willing to feign interest.
I work in industry, and do my very best to insure that customer data is safe upon any machine that I administrate. When I see firms that somehow work the hemorrhaging of personal data into the cost of doing business I am reminded that no one seems to care. The lending agency writes it off as bad debt, the offending company is slapped on the wrist and law enforcement states lack of resources. Who in this twisted ecosystem is left unprotected?
YOU!
[ link to this | view in chronology ]
You never know, 11 Apr 2007 @ 6:01am

And this surprises anybody? Let it happen to some political leader and see who catches hell.
[ link to this | view in chronology ]
Warren P Konitshek, 11 Apr 2007 @ 6:24am

I guess they don't care about customers
I would think that companies like ACS would keep Data information like a TOP SECRET FILE.
[ link to this | view in chronology ]
Fred Flint, 11 Apr 2007 @ 7:22am

It won't get better.....
.... because the senior management of these all these companies and organizations involved simply don't care because it isn't their data!

You'd best believe, their data is very, very secure, just like yours should be.
[ link to this | view in chronology ]
joe shmoe, 11 Apr 2007 @ 8:16am

This could have been avoided (obviously)
I work on the security staff for a national retailer and we are trying to avoid situations like this. Many of our users who might have access to personal or confidential data travel quite frequently and for that reason (and just because it's a good thing to do) we encrypt the workstations/laptops and we're working toward forcing the encryption of any data copied to removable devices (burning cd's, usb devices, etc..). Just seems odd that this happened to the same company more than once, there CIO must have his head up his a$$.
[ link to this | view in chronology ]
Question, 11 Apr 2007 @ 9:16am

Fines?
Anyone know how much the fines were?
[ link to this | view in chronology ]