The Core Dump

The Core Dump is the personal blog of Nic Lindh, a Swedish-American pixel-pusher living in Phoenix, Arizona.

[By Nic Lindh on Sunday, 23 November 2003]

Wells Fargo accounts in the wild

This is incredibly scary:A computer holding the names, addresses, Social Security numbers and account numbers of thousands of Wells Fargo customers was stolen from a consultant’s office in Concord earlier this month, bank officials said Friday.The bank is going to change the account numbers of affected customers, and also pay for “a year-long credit-monitoring service that will notify customers whenever there is activity in their credit bureau files.”

This goes to highlight a much bigger issue: Think about all those laptops going through airports all the time, many of them with highly sensitive information on them, like business plans, customer lists, product plans, etc. If the laptop is stolen, the data goes with it. In the case of the computer with the Wells Fargo data, it looks like a regular burglary where the computer was stolen as a part of everything else. So office computers also need protection.

If a person has physical access to a computer, the data on it is wide open, unless the drive itself is encrypted. If you have strong passwords (especially ones that aren’t taped to the computer), and use encryption on the drive, your data is infinitely more secure.

There are several products on Windows that will encrypt partitions, FreeBSD has gdbe, and Apple has FileVault.

You would think a bank would be aware of tools like this, and would make sure its consultants use them.

You have thoughts? Send me an email!