|
|
laptop with full data of 33.000 travelers stolen. whoops.
|
|
|
|
Senior User
Join Date: Nov 2003
Status:
Offline
|
|
the full scoop
It puzzles me how a company can save the “name, address, SSi number, passport number, date of birth, etc.” unencrypted on laptops and just get away with it?
Anyway, they are going to have a lot of fun with the “Identity Theft Warranty” they have in their privacy policy (paragraph C):
Flyclear Privacy Policy
|
"The road to success is dotted with the most tempting parking spaces."
|
|
|
|
|
|
|
|
Moderator
Join Date: Jan 2001
Location: Polwaristan
Status:
Offline
|
|
Insane. How ironic if all those people wind up on the extra-screening list due to heightened risk of identity fraud.
|
|
|
|
|
|
|
|
|
Baninated
Join Date: Mar 2008
Status:
Offline
|
|
3. INFORMATION SECURITY
Clear and its subcontractors, pursuant to legal agreements, have a comprehensive information security program to ensure the privacy of Clear applicants and members as well as the integrity of our systems. We apply ID's and passwords to insure that access to systems and data is only on a need-to-know basis. We use encryption (a strong data coding process) for all program sensitive data communications. We apply firewalls to guard against outside intruders. We conduct periodic data security audits to check that the rules are being followed. TSA also conducts periodic audits to assure that we comply with their extremely high standards of data security. We have a continuous update process for Anti Virus protection and implement Operating Systems Security updates for our network infrastructure.
|
|
|
|
|
|
|
|
|
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
|
|
Originally Posted by lexapro
3. INFORMATION SECURITY
Clear and its subcontractors, pursuant to legal agreements, have a comprehensive information security program to ensure the privacy of Clear applicants and members as well as the integrity of our systems. We apply ID's and passwords to insure that access to systems and data is only on a need-to-know basis. We use encryption (a strong data coding process) for all program sensitive data communications. We apply firewalls to guard against outside intruders. We conduct periodic data security audits to check that the rules are being followed. TSA also conducts periodic audits to assure that we comply with their extremely high standards of data security. We have a continuous update process for Anti Virus protection and implement Operating Systems Security updates for our network infrastructure.
...none of which says anything about some employee having what may be their entire database in plain text on a laptop that isn't chained to his gonads to keep it from being stolen. This is horrendously BAD data security of epic proportions. If this laptop had held medical records of 33,000 patients, each and every one of those patients could sue under HIPAA and reap enormous settlements from the person who lost the data, whoever let that person have the data, and the company itself for its horrible data security. I wonder if anyone will even get a "sorry we vertically fornicated this thing so badly and lost your personal information," let alone any protection from ID theft, etc.
|
Glenn -----OTR/L, MOT, Tx
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|