Drsolly wrote: > The Inland revenue have lost CDs containing the names, addresses, National > Insurance Number and bank details, for about half the population of the > country. > > http://news.bbc.co.uk/1/hi/uk_politics/7104840.stm
But note -- "password-protected" CDs. OK, so some junior-ish clerks broke protocol and didn't use receipt- required courier tracking (and maybe didn't use a suitably secure courier service?), BUT the big issue is how strong is the "password protected" bit of this? Unlike so many other recent data loss incidents, it seems that at least the data is encrypted which means (if this bit was done properly _AND_ the proper procedure was well-designed) that there is actually no _data_ loss. "Noise loss" maybe, but no meaningful data loss. The authorities though don't seem to be stressing this so maybe the "password protection" bit of this is known to be not very effective? Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
