Search


  • Categories


  • Archives

    « Home

    Sydney Morning Herald (Australia): Privacy of millions at mercy of a USB device

    The Sydney Morning Herald reports about how the best security systems can be circumvented by an insider who may misuse access to private data:

    THE privacy and financial records of millions of shareholders who use Computershare’s global share registry system were placed at risk this year when a Boston employee quit the company, allegedly taking with her thousands of pages of highly sensitive and confidential documents.

    The employee resigned in September last year but did not return a work laptop for three weeks. When Computershare retrieved the laptop, the company claimed internal documents and emails had been copied without authorisation to a USB flash drive and later to the employee’s home computer. […]

    It is understood forensic technicians employed by Computershare later purged the documents from the home computer and retrieved one of two USB devices in the woman’s possession.

    But a court in Boston has heard Computershare does not know where the original USB device is; the woman told the company she had lost it. The chief executive of Computershare, Stuart Crosby, declined to comment on any aspect of the US court case and he declined to say if the company believed it had plugged the leakage of information.

    But he said despite spending as much as $80 million in the past three years to improve security encryption and technology protection systems, Computershare, like many companies, could never be entirely certain that its information, including customer data, was safe. […]

    In court documents filed in the US District Court in Massachusetts in February and March, Computershare’s lawyers offered an alarming catalogue of the types of material the company alleges was taken and copied by the former employee without authorisation. This included ”information that could compromise the company’s competitive position in the market as well as highlight and disclose commercial business practices that are proprietary to the company, and which have been uniquely designed to protect client and shareholder private data and accurate money movements around the globe”.

    Leave a Reply