Another day, another data leak: a CD containing the personal information of 2.9 million Georgia residents has been lost by a contractor, potentially exposing them to identity theft. Even such a big leak is hardly notable these days, except for one factor -- the disk was lost by Affiliated Computer Services, a company that's been responsible for several other data leaks. An ACS computer got stolen in Denver last November, and on it was personal information of between 500,000 and 1.4 million people in Colorado. A few months earlier, a glitch on a student-loan web site run by ACS exposed the information of 21,000 students, while earlier in the year, credit-card data from seven years' worth of customers was stolen from a system run by ACS at the Denver airport. Rounding out the list -- or at least the list of ACS-related incidents that made it into the media -- is the theft of two of the company's laptops with data on tens of thousands of Motorola employees in May 2005. This company clearly has a problem with protecting personal information, but it doesn't appear that there are ever any repercussions to these losses. It just accepts whatever minimal fines, if any, it has to pay, and paying for some credit monitoring, as a cost of doing business. The fact that these problems keep happening to ACS reflect how seriously many companies take the threat of identity theft -- which is to say, not seriously at all. But perhaps more distressing is that with the company's track record, government officials don't seem to have any problem passing ACS personal information with little to no oversight.
Now if you didn't utter the words or even think the words..."WHAT THE F(*K!" after reading that...you are far more forgiving than me. How in the hell does this company stay in business with a track record like that. If my figures are correct in what we know, with the exclusion being that unnamed number in the 7 years of credit info and the tens of thousands number of the Motorola fiasco, they have subjected at least 4.3 million people's info to fraudulent activity or the potential of. I ask again...how in the hell do they stay in business? I can assume that their customers care less about the security of their clients than ACS does about the data they were supposed to protect. You can't tell me that there isn't another company that can provide security for this information, as ACS has apparently failed miserably at doing so. I can't see how any other company could do worse with people's private information. For all those people that use this company for security...FIND SOMEONE ELSE, IT ISN'T WORKING AT ACS! Here I thought that you had to be competent to do something like security...apparently not...with that I might have a new career!
No comments:
Post a Comment