Bank Sends Sensitive E-mail to Wrong Gmail Address, Sues Google

[kirniki <kirniki () gmail com>]

http://www.wired.com/threatlevel/2009/09/bank-sues-google/

A Wyoming bank sent an e-mail containing sensitive customer data to
the wrong Gmail account, and now wants Google to reveal the identity
of the account holder who received the data.

According to a court document in the case, in August a customer of the
Rocky Mountain Bank asked a bank employee to send certain loan
statements to a representative of the customer. The employee, however,
inadvertently sent the e-mail to the wrong Gmail address.
Additionally, the employee had attached a sensitive file to the e-mail
that should not have been sent at all.

The attachment contained confidential information on 1,325 individual
and business customers that included their names, addresses, tax
identification or Social Security numbers and loan information.

After realizing what he’d done, the employee “tried to recall the
e-mail without success.”

When that didn’t work, the employee sent a second e-mail to the
recipient instructing the person to delete the e-mail and attachment
“in its entirety” without opening or reviewing it. The employee also
asked the recipient to contact the employee to “discuss his or her
actions.”]

[..]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php