BreachExchange mailing list archives
O2 Ireland admits it lost backup data from September 2011, says “low risk” to privacy of 1.3m customers
From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Wed, 5 Dec 2012 11:53:16 -0500
http://thenextweb.com/eu/2012/12/05/o2-ireland-admits-to-backup-data-loss-from-september-2011-says-low-risk-to-privacy-of-1-3m-customers/ Telefonica-owned mobile operator O2 has admitted that a tape used for routine daily backups at its Irish offices went missing in September 2011,posting a message to its website to warn customers that it may contain some personal data held on the company’s servers at that time. O2 Ireland, which was only recently notified by its IT support company IBM, believes the risk of customer privacy issues to be low and notes that while the tape is still unaccounted for, it could still be present within O2′s offices. To ensure that it is doing all it can to minimise privacy risks, the company immediately launched an investigation into the data that the drive held, notifying the Data Protection Commissioner of the issues and working with it ever since. O2 doesn’t know the extent of the data on the drive, but says that backups are secured in files that need specialist technology to open them. While it’s possible it could hold some customer data, the operator says “it is more likely that it simply contained information about O2′s normal business affairs and company information.” The Office of the Data Protection Commissioner believes the issue is serious, but because there it is highly likely the tape was lost internally, customers should not be too concerned. _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- O2 Ireland admits it lost backup data from September 2011, says “low risk” to privacy of 1.3m customers Erica Absetz (Dec 05)