Catastrophic 40 million dollar USB drive data breach in Canada
The Durham region in Canada is being sued for 40 million dollars for data lost on an unencrypted USB flash drive. The lost unsecure USB stick was misplaced in 2009 and contained personal information of 83.524 people that had gone through the H1N1 vaccination program. This values each breached record at $49.5 US dollars. The class action suit has been given the go-ahead and contains claims that the Durham Region has acted negligent and also violated the privacy of the affected citizens.
The loss of unsecure USB flash drives that contain detailed records of privates and organizations has been highlighted on multiple occasions before; an example is the HSBC data breach in the UK that left the bank $5 million US dollars lighter on the pocket. It is apparent that the loss of the data is catastrophic for everyone included; the person that lost the device, the organization that has acted negligent and the people that had their information exposed, all are in a very painful situation.
Data loss and suits of this magnitude is something that we unfortunately are expecting to see more of. Rightfully the digital privacy movements and government regulations are growing stronger around the world. In all the darkness the one good thing is that is already a solution available to turn this around in the case of USB flash drives, said John Terpening secure USB business manager at Kingston Digital Inc. provider of the DTVP-M and DT4000-M and more devices that prevent data breaches.
Agreeing with John I understand the difficulties that IT security teams face. They are being attacked in all vectors by hackers, smart malware, challenges of business continuance, insider threat and breach risks. There is no question that IT security is a challenging task, even more with the budget pressure that many face. But even looking at IT security from a bird’s eye view replacing unsecure USB flash drives needs to get the highest priority due to high risk and liability that they pose. Not only do they pose the high data breach risks with their enormous storage capacity, they are also ranking as the number one malware threat as unprotected USB drives easily can bring down corporate networks.
There is simply no need for all this pain as there is an affordable solution readily available:
SafeConsoleReady hardware-encrypted secure USB flash drives that automatically encrypt and password protect all stored data ensures that no one but the rightful owner can get access to stored data.
Device Lockout port control included with SafeConsole ensures that only the authorized secure devices are used within the organization. Other unsecure USB drives will be rejected from the machines. Device Lockout is available at the fraction of the cost of full blown port control systems.
SafeConsole central management of the encrypted USB flash drives ensures that the organization can remotely terminate a lost device and even clone that lost data onto a new managed secure USB flash drives. The SafeConsole management also puts active malware prevention, lean and powerful antivirus from Sophos, auditing for compliance and much more available at the click of a buttons for the administrators.
“This values each breached record at $49.5 US dollars”
Wow, a whopping $50!