[Fwd: Update: Bank of New York Mellon - 25 firms identified on lost tape]

[Arshad Noor <arshad.noor () strongauth com>]

After nearly 5 years of breach disclosures (CA's SB-1386 went into
effect on July 1, 2003), such disclosures make it painfully obvious
that Breach Disclosure laws need updating.  Until companies start
disclosing technical and process weaknesses that led to the breach,
the industry learns nothing.

Arshad Noor
StrongAuth, Inc.

-------- Original Message --------
Subject: [Dataloss] Update: Bank of New York Mellon - 25 firms 
identified on   lost tape
Date: Fri, 30 May 2008 21:57:09 -0400
From: rchick <rchicker () etiolated org>
To: dataloss () attrition org

http://www.courant.com/business/hc-mellon0531.artmay31,0,4423158.story

25 Firms With Data On Lost Tape Identified
May 31, 2008

The missing Bank of New York Mellon computer tape reported last week
contained information about nearly 500,000 Connecticut residents from
a large number of companies, said state officials, who identified 25
of the companies on Friday.

New York Mellon, which was responsible for the tape, has upped its
fraud protection offer from one year to two years. The company has
agreed to provide two years of free credit monitoring, including
$25,000 in identify theft insurance and free credit freezes to people
affected by either security breach.

New York Mellon had been under pressure from Attorney General Richard
Blumenthal and other Connecticut officials to boost its protection
offer. Among the 497,333 Connecticut residents affected, 403,894 were
depositors of People's United Bank, which said last week it is relying
on New York Mellon to notify its depositors.

Other companies affected were John Hancock Financial Services Inc.,
33,586 shareholders; and The Walt Disney Co., 18,361 shareholders. The
rest had fewer than 10,000 Connecticut residents.
[..]

Stratton said Mellon must provide "at least seven years of credit
monitoring and credit insurance."

The 25 companies identified Friday are: Bank of New York Mellon Corp.,
People's United Financial Inc., John Hancock Financial Services Inc.,
The Walt Disney Co., TD Bank Financial Group, Hudson United Bancorp,
United Parcel Service Inc., Wachovia Corp., MetLife Inc., Hudson City
Bancorp, Eastman Kodak Co., Burlington Resources, Providian Financial,
Penn Fed Financial, ADESA Inc., Alcatel-Lucent, Odyssey America
Reinsurance Corp., Seacoast Financials Services Corp., Viewpoint Bank,
Diamond Shamrock, Sound Federal Bancorp, Big Lots Inc., Guidant Corp.,
New York Community Bancorp and ACE Ltd.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml