Lifelock worries after employee data leaked to Web

[security curmudgeon <jericho () attrition org>]

http://www.computerworld.com/s/article/9177353/Lifelock_worries_after_employee_data_leaked_to_Web?source=rss_news

Lifelock worries after employee data leaked to Web
By Robert McMillan
May 25, 2010 10:28 PM ET

IDG News Service - It may be OK for identity theft protection vendor 
Lifelock to publish its CEO's Social Security number, but when it comes to 
other company employees, that's another story.

The company has asked the Phoenix New Times to remove a police report from 
its Web site after discovering that it contained a redacted Social 
Security number of Lifelock employee Tamika Jones. The number could be 
read by simply cutting and pasting the PDF document into another word 
processing program, a common problem with poorly-redacted documents.

Also in the police report: Jones's date of birth, address, phone number, 
and address.

"Yesterday, Christy O'Connor of LifeLock called New Times and asked us to 
remove the link to the PDF document," the New Times reporter Ray Stein 
wrote in a Tuesday story. "The smart-ass in us couldn't resist giving 
O'Connor, LifeLock's associate general counsel, some grief."

After Stein pointed out that Jones works for a company that promises to 
protect customers from identity theft, before it happens, the newspaper 
agreed to post a properly redacted version of the document on its Web 
site.

[..]
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php