Interesting People mailing list archives

more on LAST TIME I USE HOTELS.COM djf Ernst & Young laptop loss exposes 243,000 Hotels.com customers

From: David Farber <dave () farber net>
Date: Fri, 2 Jun 2006 16:38:16 -0400



Begin forwarded message:

From: security curmudgeon <jericho () attrition org>
Date: June 2, 2006 4:33:57 PM EDT
To: David Farber <dave () farber net>
Cc: ip () v2 listbox com

Subject: Re: [IP] more on LAST TIME I USE HOTELS.COM djf Ernst &Young laptop loss exposes 243,000 Hotels.com customers



: Sorry but I think responsibility is shared. I gave hotels.com my
: information with the belief they would protect it. They did not demand
: or audit the people they gave it to.
:
: I will not use them again till they assure me that they and ALL their
: "agents" protect it.

That is the real key here, and with any 'data loss' incident I think.
People make mistakes, information *will* be lost from time to time, and
there isn't much we as consumers can do about it.

However, once a company has such an incident, their response should
dictate if you keep taking your business to them. Do they now demand a
better audit trail of such information? Do they still do business with
the company that lost the information? Were they honest and up front
about the incident? Are they taking additional steps to avoid additional
losses?

Based on those questions, decide if they should continue to earn your
business.

: While this shouldn't be as embarassing to E&Y as Enron was to Arthur
: Anderson, it's still a real concern that they're not more careful with
: customer data. At minimum they ought to be using encrypted disk drives
: for all of that.

This should be entirely embarassing to E&Y. So much so that they take a
step back and consider their business.

http://attrition.org/dataloss

Ernst & Young / Hotels.com - [2006-06-01]

(Names, addresses, and credit card information for 243,000 on stolenlaptop)


Ernst & Young - [2006-03-15]

(Another stolen laptop contains names and Social Security numbers ofIBM employees)


Ernst & Young - [2006-02-25]
(Stolen laptop contains names and Social Security numbers)

Perhaps this is just a string of unfortunate incidents, or perhapsthis isa trend and we're only seeing part of the story. How many laptops didE&Ylose before 2006? If we want to manipulate the data above to generatesome

flashy statistics we could say that E&Y averages 6 laptop thefts a year
resulting in serious dataloss!


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

Current thread:

more on LAST TIME I USE HOTELS.COM djf Ernst & Young laptop loss exposes 243,000 Hotels.com customers David Farber (Jun 02)
- <Possible follow-ups>
- more on LAST TIME I USE HOTELS.COM djf Ernst & Young laptop loss exposes 243,000 Hotels.com customers David Farber (Jun 02)
- more on LAST TIME I USE HOTELS.COM djf Ernst & Young laptop loss exposes 243,000 Hotels.com customers David Farber (Jun 02)