AOL and US government expose personal data

Confidential information on more than half a million people has been leaked

Written by Phil Muncaster

IT Week, 08 Aug 2006

Two high-profile breaches of data security this week have highlighted the need for rigorous security and processes to help firms avoid bad publicity that could harm brands and lose customers.

Just a day after two men were charged with stealing a laptop containing sensitive data from the home of an employee of the US Department of Veteran Affairs, the department this week announced that another computer had gone missing, this time from a subcontractor's office.

The desktop computer reportedly contained information on up to 38,000 veterans including names, social security numbers, dates of birth and insurance details.

Meanwhile AOL apologised after it mistakenly released data from its search logs on more than 600,000 customers' search habits. The data was intended to be used on the firm's recently launched AOL Research site, and although the usernames were changed to random identification numbers, privacy activists complained that individuals could be identified if their search strings were viewed.

To help firms reduce the risk of exposing such data, analyst firm Gartner has suggested best practices to prevent information leaks. Research vice-president Rich Mogull said companies should deploy content monitoring and filtering tools for all outbound traffic, including email, instant messaging and web mail; and back-up tapes and laptops should be encrypted in case they are lost or stolen.

Mogull added that firms should ensure all workstations are kept up to date with anti-spyware protection and the latest patches; and portable storage media should be locked down.

Marc Shinbrood, chief executive of web application security vendor Breach Security, said the biggest risk to firms is not that they will lose intellectual property or break the law, but that they will suffer bad publicity, which could damage their brands and undermine customers’ trust.

“Legal compliance is a necessary evil but it isn’t the driving force for security,” Shinbrood said. “If you talk to [IT security chiefs] their job is to keep the company off the front page of the Wall Street Journal, or from appearing in front of a government regulatory committee, or having their customers doubting whether they should do business with them.”

Tags:

reader comments

related articles

 
Security

ICO raps health trust over stolen laptops

NHS still not handling patient information securely, says data watchdog 06 Feb 2009

Phorm

Tim Berners-Lee attacks web 'snooping'

Phorm-style deep packet inspection is like postmen opening mail, says WWW founder 11 Mar 2009

Management

US veterans win $20m payout over lost laptop

Major slap on the wrist for US Department of Veterans Affairs 28 Jan 2009

related whitepapers

today's top stories

Ecommerce

What does Windows 7 mean for Microsoft?

With the sting of Vista still fresh, Redmond has to make next Windows work 10 Jul 2009

Management

A smarter way to use BI

Getting the most from business intelligence systems requires not only careful management on the part of IT leaders, but also the committed involvement of decision-makers across the organisation 08 Jul 2009

Mainstream Matters

The truth behind the Google/Microsoft/NHS rumours

Before Monday 6 July, did you know that Google and Microsoft had services for storing health records? Thanks to an article in... 10 Jul 2009

Management

Quenching a thirst for IT modernisation

A substantial restructure at soft drink supplier Nichols -­ purveyor of Vimto - ­led the company to update its software to Sage 1000 to replace its in-house application. This resulted in the streamlining of the IT department and an opportunity to customise the system 08 Jul 2009

Management

How Satyam cleaned up its act

Chief executive CP Gurnani tells Angelica Mari why Tech Mahindra opted to keep the Satyam brand after it bought the scandal-hit services firm, and explains what the deal means for existing and prospective customers 09 Jul 2009

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

More available - click 'submit' to view

Existing User

Newsletter user login:

Advertisement

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Will Google Chrome OS be a genuine alternative to Windows?

Will Google Chrome OS be a genuine alternative to Windows?

Tell us your views on the new operating system rivalry

View poll results

> More polls

Latest audio and video articles

network cablesVideo

How to maximise the value of your IT networking investment

A panel of experts discuss networking strategies that deliver real value to business 03 Jul 2009

green footprintsVideo

How to manage enterprise energy use - and the role IT can play

A panel of experts explore how firms can get to grips with their carbon footprint and make smarter use of energy 01 Jul 2009

> More audio and video

Latest in-depth articles

Google ChromeAnalysis

Lack of enterprise appeal takes shine off Chrome OS

Enterprise buyers unlikely to ditch Windows for Chrome OS in the near term, say experts 09 Jul 2009

Satyam CEO CP GurnaniNews

How Satyam cleaned up its act

Chief executive CP Gurnani tells Angelica Mari why Tech Mahindra opted to keep the Satyam brand after it bought the scandal-hit services firm, and explains what the deal means for existing and prospective customers 09 Jul 2009

> More in depth articles

Advertisement

Primary Navigation