« Waiting on Fitzgerald | Main | Swing and a painful miss »

July 28, 2005

That "secure" data gets lost again

The only surprise is that the call from the credit union this week was so long in coming. A credit card with both my name and my son's on it has been revoked. It's been compromised; a new card with a new account number will be mailed soon.

This time the breach in security was at the University of Iowa Book Store. I saw the story June 1 and knew there would be an excellent chance the incident would touch us since he's a student in Iowa City.

The hackers invaded the computer there May 13; don't know why it took two months for the credit-card company to decide to take action. As far as I know the info hasn't been mis-used but that's a big window of opportunity.

It's the fourth time in the last 18 months that one or another member of the family has been issued a new credit card or ATM card because someone somewhere failed to keep hackers and thieves from getting at their "secure" files.

All of which serves to remind that we need to make very sure the Real ID act never goes into effect. There ain't no such thing as perfectly secure data.


Posted by jcb at July 28, 2005 03:00 PM

Comments

I was affected by it too, but my credit union had informed me in May. When I asked my credit union (here in Iowa City) about it they wouldn't tell me where the breach occurred which I found to be annoying. Since it was all over the papers here and the bookstore has been forthcoming about the incident it wasn't too hard to figure it out, but it makes me wonder how often this happens and it is swept under the rug by the banks and the company whose security was breached.

My understanding of the security breach at the bookstore is that it was something that could have been very easily avoided using basic best security practices. I really hope in the future people start holding businesses more accountable for letting customer data fall into the wrong hands.

Posted by: T at July 28, 2005 05:57 PM

A lot of times the "breach" is nothing more than somebody who physically works in the store, and has nothing to do with insecure data online... or an old computer is left out for the trash that still has sensitive info on the hard drive!

Posted by: Anonymous at August 1, 2005 03:09 PM