IBM loses tapes with employee personal info

Share this article:

IBM, which invented magnetic tape storage more than 50 years ago and has since emerged as a leading provider of data encryption, has lost an undisclosed number of backup tapes containing the personal information of employees.

The tapes were "inadvertently" lost Feb. 23 while a third-party vendor was transporting them from an IBM location in Westchester County, N.Y. to a permanent storage facility, company spokesman Fred McNeese told SCMagazine.com today.

He said some of the tapes, depending on what information they were carrying, were encrypted, while others were not. IBM would not reveal how many tapes were lost or how many employees – many of them retirees – were affected, but McNeese said the tapes cannot be accessed on a PC and none of the data has been misused.

"It’s a plural number (of affected people)," McNeese said. "We don’t know if anybody’s got them (the tapes), but if someone’s got them, we don’t want to give them additional information."

IBM began notifying victims in early April, telling them the tapes contained "employment information," such as names, Social Security numbers, birth dates and work history, he said.

IBM is best known in the security space for its $1.3 billion purchase last year of Internet Security Systems, a network security management provider. But IBM also is entrenched in the identity management space with its Tivoli solutions, in addition to its product offerings for mainframe security and tape encryption.

McNeese said that despite IBM’s investment in the security marketplace, all companies responsible for securing private data are susceptible to breaches.

"I think what it shows is the vulnerabilities that information is subject to, and it shows the need for constant vigilance," he said. "We’re taking this seriously. We’re looking at all aspects of this incident."

The company also is planning to review its data transport procedures, but McNeese said the vendor that lost the tapes is still an IBM client.

Get more IT security news. Click here for SC Magazine Blogs.

Share this article:

Sign up to our newsletters

More in News

New backdoor 'Baccamun' spreads through ActiveX exploit

Symantec researchers revealed that the backdoor is dropped after attackers exploit a Windows ActiveX vulnerability.

Outdated browsers put U.K. users at risk of malware

A blog post on Check and Secure website said 70 percent of U.K. users haven't fully updated their internet browsers

Survey: 53 percent change privileged logins quarterly

A Lieberman Software survey highlights the issue or poor password management, even among security pros.