Navy took more than a year to announce personal data breach

[kirniki <kirniki () gmail com>]

http://www.washingtonpost.com/wp-dyn/content/article/2010/04/01/AR2010040103745.html

In case of danger or a natural disaster, the U.S. Navy can rapidly
dispatch troops, fighter jets or relief supplies to troubled areas
around the world.

So why did it take the Navy 17 months to inform employees at the Naval
Facilities Engineering Service Center in Port Hueneme, Calif., that
their Social Security numbers had been inadvertently released?

The information was sent in May 2008 to three other employees whose
security access had been suspended for reasons unrelated to the
information breach.

E-mails obtained by The Washington Post indicate that Navy officials
quickly realized employees should be informed. But that was not done
until October 2009. The names of those sending and receiving the
messages were blocked out, but their offices, and in some cases their
positions, were not.
[..]
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php