Sophos: Bank of Ireland loses customer data on memory stick
November 2008 by Sophos
IT security and control firm Sophos is warning companies about the importance of encrypting data on portable devices following the loss of personal information of almost 1000 bank customers by an employee of Bank of Ireland.
According to reports, details of 894 customers’ accounts, phone numbers and addresses were wrongfully copied onto a portable flash drive which was subsequently lost. Sophos experts note that in the wrong hands, this type of information could easily provide criminals with some of the essential stepping stones to committing identity theft.
"Bank of Ireland has informed those affected about this latest security blunder, and has promised to monitor their accounts for unusual activity," said Graham Cluley, senior technology consultant at Sophos. "While this is definitely the right step, this security lapse should never have happened in the first place. However, sadly it seems the message about the need for greater care over the transport of sensitive data just isn’t getting through to some businesses - or at least that workers cannot be trusted to follow security guidelines and policies, putting the reputation of their companies directly into the firing line."
Sophos advises all businesses to ensure the proper checks and measures are in place to control access to memory sticks and ensure that any sensitive data copied to them remains encrypted