IBM loses tapes with employee personal info

Share this article:

IBM, which invented magnetic tape storage more than 50 years ago and has since emerged as a leading provider of data encryption, has lost an undisclosed number of backup tapes containing the personal information of employees.

The tapes were "inadvertently" lost Feb. 23 while a third-party vendor was transporting them from an IBM location in Westchester County, N.Y. to a permanent storage facility, company spokesman Fred McNeese told SCMagazine.com today.

He said some of the tapes, depending on what information they were carrying, were encrypted, while others were not. IBM would not reveal how many tapes were lost or how many employees – many of them retirees – were affected, but McNeese said the tapes cannot be accessed on a PC and none of the data has been misused.

"It’s a plural number (of affected people)," McNeese said. "We don’t know if anybody’s got them (the tapes), but if someone’s got them, we don’t want to give them additional information."

IBM began notifying victims in early April, telling them the tapes contained "employment information," such as names, Social Security numbers, birth dates and work history, he said.

IBM is best known in the security space for its $1.3 billion purchase last year of Internet Security Systems, a network security management provider. But IBM also is entrenched in the identity management space with its Tivoli solutions, in addition to its product offerings for mainframe security and tape encryption.

McNeese said that despite IBM’s investment in the security marketplace, all companies responsible for securing private data are susceptible to breaches.

"I think what it shows is the vulnerabilities that information is subject to, and it shows the need for constant vigilance," he said. "We’re taking this seriously. We’re looking at all aspects of this incident."

The company also is planning to review its data transport procedures, but McNeese said the vendor that lost the tapes is still an IBM client.

Get more IT security news. Click here for SC Magazine Blogs.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Florida Supreme Court rules warrants a must for real-time cell location tracking

Florida Supreme Court rules warrants a must for ...

The Florida Supreme Court put the kibosh on warrantless real-time tracking using location data obtained from cell phone providers.

Modular malware for OS X includes backdoor, keylogger components

Modular malware for OS X includes backdoor, keylogger ...

The modular malware was named "Ventir," by researchers at Kaspersky.

Fake Dropbox login page nabs credentials, is hosted on Dropbox

Fake Dropbox login page nabs credentials, is hosted ...

Symantec researchers received a phishing email linking recipients to a fake Dropbox login page that is hosted on Dropbox's user content domain and served over SSL.