Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
[Dataloss] Wells Fargo Not Required to Encrypt Data
From: lyger (lygerattrition.org)
Date: Fri Apr 14 2006 - 16:34:52 CDT
What: Wells Fargo Bank customers sue after their personal financial data
was stolen from a contractor that had not encrypted the information.
When: U.S. District Judge David Doty in Minnesota ruled on March 16.
Outcome: Wells Fargo was found not to be negligent because the information
was never misused by the thieves.
What happened, according to court documents: Wells Fargo had hired Regulus
Integrated Solutions to print monthly statements for certain customers who
had mortgages and student loans from its subsidiaries. In October 2004,
thieves stole computers from Regulus with unencrypted customer information
including names, addresses, Social Security numbers and account numbers.
A few weeks later, Wells Fargo alerted its customers and offered to
provide identity protection services.
There has never been any indication to date that thieves did anything with
the data (in other words, they appear to have been after the computer
Nevertheless, two of the bank's customers, Kristine Forbes and Morgan
Koop, filed a class action suit anyway. They claimed that Wells Fargo was
liable for emotional distress (including fear, anxiety and worry),
negligence, breach of contract and breach of fiduciary duty. Forbes and
Koop claimed that Wells Fargo owed them a cash payout because they had to
spend extra time monitoring their credit reports.
Dataloss Mailing List (datalossattrition.org)