Saturday, November 04, 2006

Starbucks Joins the "Data Breach Hall of Shame" by Compromising 60,000 "Partners" (Employees)

According to the Privacy Rights Clearinghouse -- which tracks data breaches where personal and financial information was compromised -- 97,148,596 million people have had their personal information exposed since February 2005.

Now Starbucks has joined their list by compromising their "own." Four laptops have mysteriously "gone missing" from their corporate headquarters - two of them contained the information of 60,000 "partners" (employees).

My question is - what was on the other two?

In keeping with keeping these breaches as quiet as possible, it's being reported that Starbucks has been looking for the missing laptops since September.

And of course, the official spin from Valerie O'Neil, their spokesperson is, "The company has not received any reports that anyone's personal information has been compromised."

Ms. O'Neil, there might be a reason for this - Thomas Harkins - who was operations director for MasterCard International's fraud division for about twenty years (now COO of the security firm Edentify) told TopTech news:

"There's so many stolen identities in criminals' hands that (identity theft) could easily rise 20 times." "The criminals are still trying to figure out what to do with all the data."

Since "good identities" fetch a measly $10.00 (estimate) each in these carder forums, the "insider" - who is more than likely responsible for this - could make quite a bit of money for their misdeed.

Ms. O'Neil also stated that we don't have to worry about any secret recipe's being on the stolen laptops. Please note the news account stated she "chuckled" when saying this.

Does this mean that Starbucks values their recipes more than their employees? Would they leave recipes "unattended" on outdated laptops gathering dust in a closet?

Missing laptops are a common theme in data breaches and with all the previously reported breaches, the entire affair bespeaks a lack of "common sense" when it comes to security.

After all - most of these breaches we read about could have been avoided - with a little "common sense."

So far as the victims of all this - the employees compromised - the FTC has a lot of good information on what you should do to protect yourself, here.

To read the press version of this story from the AP (courtesy of the Washington Post), click on the title of this post.

1 comment:

Anonymous said...

Gez, ya think after all the other disappearance of laptops, companies would have cracked down more.

Dang, that numnber is alot!

Keep up the geat work ed!
FTGF!