Stolen tape puts Bristol-Myers employee data at risk

[InfoSec News <alerts () infosecnews org>]

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9110485

By Brian Fonseca
July 22, 2008 
Computerworld

Bristol-Myers Squibb Co. officials last week confirmed that a 
nonencrypted backup tape containing the personal data of current and 
former employees and their dependents was stolen on June 4 from a 
delivery truck carrying the device.

Bristol-Myers spokeswoman Laura Hortas said the New York-based 
pharmaceutical company began notifying current, former and retired 
employees by mail on June 12 about the missing backup tape. 
Bristol-Myers would not disclose how many people are affected by the 
breach.

However, according to a security breach notification letter (download 
PDF [1]) sent by the company to the New Hampshire Attorney General's 
office, the personal data of 458 residents of that state was stored on 
the stolen tape.

[1] http://doj.nh.gov/consumer/pdf/bristol-myers.pdf

[...]


_______________________________________________      
Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com