Déjà vu. All over again. And again. Yet another data security break, as if the scores of breaches announced earlier weren’t already enough. A short while ago, I posted about a tally of the security breaches indicating that the personal data of over 5 million people had been leaked or improperly accessed. Now this, from the AP:
CitiFinancial, the consumer finance division of Citigroup Inc., said Monday it has begun notifying some 3.9 million U.S. customers that computer tapes containing information about their accounts — including Social Security numbers and payment histories — have been lost.
Citigroup, which is based in New York, said the tapes were lost by the courier UPS Inc. in transit to a credit bureau.
That puts the tally at over 8 million people. Something is seriously wrong with the way personal data is maintained and used. Back in 2004, I wrote in my book: “Companies collect and maintain our information; they often use it for a myriad of new purposes; and they are frequently careless about the security of our data.” It would be nice to say that I was making a profound point, but it was an obvious observation — even back before the news of all the data leaks. Hopefully, lawmakers will recognize it as obvious now.
Posted by Daniel Solove on June 6, 2005 at 04:01 PM