Backup Tape Loss Spurs Call for Better Privacy, Security

When Bank of America lost computer backup tapes containing personal information such as Social Security Numbers on 1.2 million federal employees -- including U.S. Senators such as Pat Leahy and Defense Department employees -- it exposed them to identity theft and has led to speculation as to how to better protect privacy of databases. Leahy has asked for an inquiry into the need for more regulation of personal data.

According to published accounts, such backup data is seldom encrypted, but requires special software to assemble the records from the tapes.

Gail Hillebrand, senior attorney for Consumers Union said that "Once again, consumers have been put at risk of identity theft because sensitive customer information held by a financial institution has been compromised. This is another reminder of how vulnerable consumers are to having their personal and financial information fall into the wrong hands.

"For the 1.2 million federal workers who have had their records compromised as a result of these lost tapes," said Hillebrand, "a 90-day fraud alert is simply not good enough. Consumers need the right to lock up their credit files with a security freeze to prevent thieves from getting credit in their names."

Consumers Union is urging state lawmakers and Congress to require all companies to notify consumers when sensitive customer information has been compromised as a result of a security breach, like the current law already in place in California.

California is the only state that requires companies to notify customers about such security breaches. Other states and some members of Congress are beginning to look at such notification requirements.

More information about state efforts to enact security freeze legislation is available on the Consumers Union Web site.