Tuesday, September 13, 2005

Security, Security

VoIP provider, Packet8, exposed thousands of customer's email addresses. They were in a spreadsheet that was attached to a monthly newsletter. The newsletter is an opt in type and apparently the spreadsheet contained the email addresses of all of the newsletter's recipients or, about a third of Packet8's customers. The director of communications with the company tried to brush it off with this line:

"It was a one-time fluke. I do not expect it to happen again," said Citelli.

This was a bad mistake. If someone got a hold of the list, as the article notes, it exposes those customers to potential phishing attacks. Also, as the article correctly notes, there are many software companies that offer scanning software to prevent this sort of thing. Amazing...when the Internet is your business and you don't put in the failsafes that should be standard when operating on the Internet.

The Register reported today that seven in 10 discarded hard disk drives have porn on them. That's the good news! The bad news is that the company that determined this found out by purchasing the disk drives on eBay. Of course, the disks also contained spreadsheets, email, credit card info, etc. Repeat after me: encrypt, erase, destroy.

1 comment:

Albatross said...

I recently worked on security for a multi-billion-dollar patent infringement trial. At the end of the trial, the plaintiff (who won) paid to have every hard drive and data media in the company first erased, and then physically destroyed.

While an exhausing process, it's good that in this case someone "gets it."