BreachExchange mailing list archives
followup: TSA Demands Encryption Following Dual Laptop Loss
From: security curmudgeon <jericho () attrition org>
Date: Wed, 17 Oct 2007 05:48:06 +0000 (UTC)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://www.eweek.com/article2/0,1895,2199122,00.asp By Lisa Vaas eWeek.com October 16, 2007 All data must be encrypted, the TSA orders, after the loss of laptops holding hazmat driver data. Following the loss and possible theft of two laptops containing the personal data of 3,930 truckers who handle hazardous materials, the Transportation Security Administration has mandated that contractors must encrypt any and all data on top of any deletion policies they have in place. According to a letter the TSA sent to lawmakers on Oct. 12, the laptops - both of which belonged to a TSA contractor - contain names, addresses, birthdays, commercial driver's license numbers and, in some instances, Social Security numbers of the affected truckers. First, one laptop was lost. At that time, the contractor, L-1 Identity Solutions' Integrated Biometric Technology division, told the TSA that the truckers' information had been deleted from the system, TSA Public Affairs Manager Ann Davis told eWEEK. Then, another laptop disappeared. After the second theft or loss, the TSA conducted an IT forensic investigation that ascertained that the deleted information could be retrieved if a thief had the proper training. [..] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- followup: TSA Demands Encryption Following Dual Laptop Loss security curmudgeon (Oct 17)