GE Money just announced that Iron Mountain, the leader is off site backup storage, lost one of their backup tapes. It wasn’t checked out of Iron Mountain but they can’t find it either…oops. An oops that could cause some pain for potentially 650,000 people. Naturally, GE says there was no indication of theft or fraudulent activity and they don’t mention if the tape was encrypted or not. (I am guessing not).

GE Money is saying that SSN’s, Credit Card information, address, and more could be on the tape. GE is going to pay for a year of credit monitoring for all of those they think might be on the tape.

I wonder how their Risk Assessment meetings went at GE…”We don’t need to worry about encryption, we ship our backups off-site to Iron Mountain.”

Many of the customers affected were J.C. Penney customers, a clothing retailer that relied upon GE Money to implement their credit card delivery and processing. Penney will receive some bad press about the incident and it wasn’t even their fault.

Hey, at least it wasn’t as bad as the TJ Max breach right?

This entry was posted on Thursday, January 17th, 2008 at 10:44 pm and is filed under Network security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.