The Massachusetts Attorney General Office announced that it had reached a settlement agreement with Belmont Savings Bank after the bank had failed to protect consumers information during a May 2011 data breach. The terms of the settlement includes a $7,500 fine and:
"... Belmont Savings Bank must ensure the proper transfer and inventory of backup computer tapes containing personal information; store backup computer tapes containing personal information in a secure location; and effectively train the members of its workforce on the policies and procedures with respect to maintaining the security of personal information."
The bank lost an unencrypted backup computer tape containing the names, Social Security numbers, and account numbers of more than 13,000 Massachusetts residents after a bank employee failed to follow the bank’s data security policies and procedures. The employee left the computer tape on a desk instead of storing it in a vault overnight.
According to Attorney General Coakley:
“Consumers expect businesses to not only develop policies and procedures to safeguard their sensitive personal information, but to follow these procedures as well... Our office will continue to take action against companies that fail to follow protocol to protect the information entrusted to them by consumers.”
Good. We'll be watching.