IBM loses tapes with employee personal info

Share this article:

IBM, which invented magnetic tape storage more than 50 years ago and has since emerged as a leading provider of data encryption, has lost an undisclosed number of backup tapes containing the personal information of employees.

The tapes were "inadvertently" lost Feb. 23 while a third-party vendor was transporting them from an IBM location in Westchester County, N.Y. to a permanent storage facility, company spokesman Fred McNeese told SCMagazine.com today.

He said some of the tapes, depending on what information they were carrying, were encrypted, while others were not. IBM would not reveal how many tapes were lost or how many employees – many of them retirees – were affected, but McNeese said the tapes cannot be accessed on a PC and none of the data has been misused.

"It’s a plural number (of affected people)," McNeese said. "We don’t know if anybody’s got them (the tapes), but if someone’s got them, we don’t want to give them additional information."

IBM began notifying victims in early April, telling them the tapes contained "employment information," such as names, Social Security numbers, birth dates and work history, he said.

IBM is best known in the security space for its $1.3 billion purchase last year of Internet Security Systems, a network security management provider. But IBM also is entrenched in the identity management space with its Tivoli solutions, in addition to its product offerings for mainframe security and tape encryption.

McNeese said that despite IBM’s investment in the security marketplace, all companies responsible for securing private data are susceptible to breaches.

"I think what it shows is the vulnerabilities that information is subject to, and it shows the need for constant vigilance," he said. "We’re taking this seriously. We’re looking at all aspects of this incident."

The company also is planning to review its data transport procedures, but McNeese said the vendor that lost the tapes is still an IBM client.

Get more IT security news. Click here for SC Magazine Blogs.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

ShellShock vulnerability exploited in SMTP servers

Researchers at Trend Micro found that attackers were targeting Simple Mail Transfer Protocol (SMTP) servers to execute malicious code and an IRC bot.

Hackers grab email addresses of CurrentC pilot participants

Hackers grab email addresses of CurrentC pilot participants

Although the hack didn't breach the mobile payment app itself, consumer confidence may be shaken.

Operators disable firewall features to increase network performance, survey finds

Operators disable firewall features to increase network performance, ...

McAfee found that 60 percent of 504 surveyed IT professionals prioritize security as the primary driver of network design.