Butler Group Analyst Says Organizations Must Begin Encrypting All Data

The UK's Halifax Bank has admitted documents stolen from one of its employees contained data about13,000 mortgage customers. However, unlike most of the other breaches that come to light, this one involved printed documents taken when a briefcase was stolen.

By None

The UK’s Halifax Bank has admitted documents stolen from one of its employees contained data about13,000 mortgage customers. However, unlike most of the other breaches that come to light, this one involved printed documents taken when a briefcase was stolen.

It is the latest of a string of thefts involving sensitive customer data in the UK, although there are many more instances that we are never made aware of. Most involve data stolen in an electronic format that is not encrypted and can therefore be read by the thief.

Sue Clarke, senior research analyst with European IT research and advisory organization Butler Group said organizations must consider encrypting sensitive data — those that leave organizational boundaries as well as data that don’t. In the case of the latter she points to TJX, the parent company of TK Maxx in the UK, which has revealed it suffered unauthorized intrusion of its systems that handle the credit card, debit card, check and merchandise return transactions for most of its stores in North America and Puerto Rico.

In her view, now is surely the time for a disclosure law in the UK similar to that introduced in US states such as California.

«