At a time when many in federal and state government are calling for better data theft disclosure and accountability laws, it seems ironic that the US authorities themselves may be guilty of trying to cover up the largest incident of recent months.
According to CNN & USA Today, an insider has admitted that authorities waited three weeks before notifying the public about the theft of 26.5 million veterans’ personal data. If this is indeed the case, what hope is there that an effective law demanding the prompt disclosure of important data thefts like this will ever be passed?
If reports that the stolen data was contained on an external drive are proven correct, it once again raises the security issues surrounding mobile storage devices - which are inherently insecure. With many encryption technologies now easily (and cheaply) available, organizations need to re-think how they store data outside the corporate network.
After all, while portable devices may be seen as ‘disposable’ due to their low cost, the data they contain certainly isn’t…
