OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
[Dataloss] TJX: Retail privacy breach foreseeable and preventable, probe finds

From: lyger (lygerattrition.org)
Date: Wed Sep 26 2007 - 18:17:29 CDT


  Retail privacy breach foreseeable and preventable, probe finds

  Carly Weeks, CanWest News Service
  Published: Tuesday, September 25, 2007

  MONTREAL - The massive security breach that hit TJX Cos. earlier this year
  was both foreseeable and preventable, concludes an investigation by the
  federal and Albertan privacy commissioners.

"The company collected too much personal information, kept it too long and
  relied on weak encryption technology to protect it - putting the privacy
  of millions of its customers at risk," federal privacy commissioner Jennifer
  Stoddart said Tuesday.

  The investigation found the company breached federal and Alberta privacy
  laws, which are designed to protect how companies use and collect personal
  information.

  The company must make numerous changes to the way it collects and uses
  customer data, the investigation has concluded. For instance, while the
  company will continue to ask for a driver's licence to complete customer
  returns, it will now instantly convert the numbers into a unique
  identifier and delete the driver's licence number.

[...]
_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml