BreachExchange mailing list archives
Re: UK: Police personal data found on discarded floppy
From: Adam Shostack <adam () homeport org>
Date: Wed, 26 Dec 2007 22:07:05 -0500
On Thu, Dec 27, 2007 at 02:56:04AM +0000, lyger wrote: | On Wed, 26 Dec 2007, Dan O'Donnell wrote: | ": " <http://news.bbc.co.uk/1/hi/england/devon/7160490.stm> | ": " | ": " Police data details found at dump | ": " A senior police officer has apologised after confidential details of | ": " staff were found on a dump in Devon. | ": " | ": " The details, on a floppy disk, included names, addresses, telephone | ": " numbers and ranks of employees of Devon and Cornwall Police. | ": " | ": " The disk was in an obsolete computer that had been used by the force | ": " and had been sent for recycling. | | While losing the personal information of police officers is certainly a | concern due to the nature of their jobs, I've noticed other recent reports | of general "data loss" involving not much more than names, addresses, and | sometimes phone numbers. Should this generally be considered "personal | information" if such data can usually be found in a phone book or | Google (for most people anyway)? Just a thought and something we consider | when including (or not including) breach data on attrition's data loss web | page and database... I suspect this one is inclusion-worthy. The addresses and personal phone numbers of police officers are usually protected for reasons of personal security. Similarly, many women chose to protect their home addresses. When Ameritrade lost control of email, it may have been a broader breach. To turn it around, I want as much disclosure as I can get, so we can better analyze what's happening in computer security. Why not include broadly? Adam _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- UK: Police personal data found on discarded floppy Dan O'Donnell (Dec 26)
- Re: UK: Police personal data found on discarded floppy lyger (Dec 26)
- Re: UK: Police personal data found on discarded floppy Adam Shostack (Dec 26)
- <Possible follow-ups>
- Re: UK: Police personal data found on discarded floppy Michael Hill, CITRMS (Dec 26)
- Re: UK: Police personal data found on discarded floppy lyger (Dec 26)
- Re: UK: Police personal data found on discarded floppy Chris Walsh (Dec 26)
- Re: UK: Police personal data found on discarded floppy Brian Honan (Dec 27)
- Re: UK: Police personal data found on discarded floppy lyger (Dec 26)
- Re: UK: Police personal data found on discarded floppy lyger (Dec 26)