Ernst and Young fails to disclose data loss, reveals The Register

 
Ernst and Young has lost a laptop containing data such as the social security numbers of its customers. One of the people affected by the data loss appears to be Sun Microsystems CEO Scott McNealy, who was notified that his social security number and personal information have been compromised.

TOP STORIES Government intervenes in warrantless wiretapping lawsuit Commtouch unveils image-based spam defense Verizon sued over NSA surveillance US spy agency building database of every call ever made Email bomber heads back to court Zombie master Jeanson Ancheta sentenced to 5 years in prison New York man to settle in Washington's first spyware case US demand for college wiretaps questioned Russian virus distributor convicted Corporate instant messaging on the rise Court slams former spam king over spyware Hacker charged with stealing information from military MPAA releases new piracy loss data Spam King Alan Ralsky not jailed Consumers in the dark about latest tech buzzwords more

While pushing all out transparency for its customers, Ernst and Young failed to cop to the security breach until contacted by The Register.

At lat week's RSA security conference, McNealy noted that he received an e-mail from an "anonymous partner" detailing a loss of his private data. "We determined that your name and social security number were among the data (lost)," the partner wrote to McNealy.

"This is an organization that we spend an enormous amount of money on to determine whether we are Sarbanes-Oxley compliant," McNealy said.

A spokesman at Sun confirmed that Ernst and Young is still the company's auditor but declined to out the firm that lost McNealy's data.

Ernst and Young declined to comment on whether or not McNealy was affected.

"We deeply regret that a laptop containing confidential client information was stolen, in what appears to be a random act, from the locked car of one of our employees," said Ernst and Young spokesman Charles Perkins. "The security and confidentiality of our client information is of critical importance to us. The computer was password-protected, and we have no reason to believe the data itself was targeted or that the information was accessed by anyone. We are notifying those clients whose information was contained on the computer."

Ernst and Young has littered its Web site with transparency advice for customers. The company, however, failed to make a public notification of the data loss.

Such secrecy seems quite rich given the current climate surrounding security and the protection of customer data. One might ask how a company such as Ernst and Young can judge the transparency of Sun or other customers.

 
Save to Yahoo! My Web

Submit to Fark

Add to Del.icio.us

Add to Ma.gnolia

Submit to Reddit

Submit to Slashdot

Submit to NowPublic
 

E-mail this story     Printer-friendly version     Bookmark this page