Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Auditor loses data on thousands of McAfee employees

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Auditor loses data on thousands of McAfee employees
Date: Mon, 27 Feb 2006 01:09:16 -0600 (CST) 
http://www.computerworld.com/securitytopics/security/story/0,10801,109003,00.html

By Robert McMillan
FEBRUARY 24, 2006
IDG NEWS SERVICE

McAfee Inc.'s auditor, Deloitte & Touche USA LLP, may be thinking of
buying some security software itself, after a Deloitte employee left
an unencrypted CD containing sensitive information on thousands of
McAfee employees in the back of an airline seat in December.

The backup CD contained names, Social Security numbers and information
on stock holdings held by over 9,000 of McAfee's current and former
employees, company spokeswoman Siobhan MacDermott confirmed today.

The information concerned McAfee's U.S. and Canadian employees hired
prior to 2005, amounting to about 6,000 former employees and 3,290
current staffers, MacDermott said. The CD was left on the airplane on
Dec. 15, she said.

McAfee was informed of the incident on Jan. 11, nearly a month after
the disk was lost. After a Deloitte investigation determined who had
been affected, McAfee began notifying employees of the situation via
postal mail. The last of these notification letters was sent out last
week, MacDermott said.

All of those who were affected by the data loss are being given two
years' worth of free credit reports, provided by the Experian
Information Solutions Inc. credit bureau, she said.

"We have no reason to believe that there's been or that there will be
any unauthorized access to the information," MacDermott said.

McAfee is now in the process of changing its corporate policies to
ensure that this type of data loss does not occur in the future,
MacDermott said. "We're certainly reviewing how third parties work
with our data," she said. "We're working to make sure that we don't
have Social Security information on these types of files moving
forward."

Deloitte spokesman Jeffrey Zack confirmed that a "Deloitte and Touche
employee left an unlabeled backup CD in an airline seat pocket, and
the lost disk may contain certain personal information on current and
former employees." He would not comment on why the CD was not
encrypted.

Designed to protect data while "in transit and storage," McAfee's own
E-Business Client lets users encrypt files "with no technical training
or experience," according to the company's Web site.



_________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Auditor loses data on thousands of McAfee employees, InfoSec News <=
Previous by Date:  [ISN] ISC2 official guide plagiarism, InfoSec News
Next by Date:  [ISN] Ernst & Young fails to disclose high-profile data loss, InfoSec News
Previous by Thread:  [ISN] ISC2 official guide plagiarism, InfoSec News
Next by Thread:  [ISN] Ernst & Young fails to disclose high-profile data loss, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]