How Safe Is Your Credit Card Company?
What Does Your C.L.U.E. Insurance Report Say About You?

In The News

InformationWeek Magazine's Security Weblog featured I've Been Mugged in an August 6, 2007 article titled "IBM Lost His Data... A Follow Up Story by Michael Singer. (The article also appears at Family and Twist.) Even though I'd written to InformationWeek via e-mail, I was pretty surprised by the attention I've Been Mugged received. Frankly, I haven't been blogging that long. So I'd publicly like to thank Mr. Singer for his article.

Mr. Singer's article emphasized many of the points from my July conversation with IBM. The Pogo Was Right blog also covered the InformationWeek article.

Some excerpts from InformationWeek's Security blog:

"George is an ID theft victim whose personal data was potentially exposed after an incident involving IBM. While IBM has graciously extended its hand to help fix the problem, George hasn't been completely happy with how things are turning out. His story may have lessons for the rest of us."

"IBM spokesman Fred McNeese was generous enough to answer that George previously worked for Lotus Development Corp. prior to IBM purchasing it. IBM's human resource records would have come over to IBM as part of the purchase. Fred also said that "Yes, IBM is still doing business with the vendor involved in the incident," but declined to go further."

Mr. Singer makes points which cannot be over-emphasized:

"But what have we learned by George's experience? First off, even if you no longer work for a company, it is very likely that your data will. And... your permanent record could wind up in the hands of another corporation and it may be months before you hear about your information being compromised. Does this mean that we all need to be diligent on how even our former companies are faring? That could be problematic in an environment where workers change jobs frequently and consolidation of companies has become commonplace."

"Secondly, hiring the same consulting company both for IBM's corporate investigation needs and as a credit-monitoring service is not illegal or unethical, but it may raise some eyebrows with the people you are trying to help."

Next entry: what does your C.L.U.E. insurance report say about you?


Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.