Companies Trash Security Policies Along With Sensitive Data

[Peaches]

Companies Trash Security Policies Along With Sensitive Data

Careless disposal could turn dumpsters into gold mines for data thieves, experts say

Mar 27, 2009 | 03:13 PM

By Tim Wilson

DarkReading

Before you declare your organization's sensitive data to be safe, you'd better check your trash. Several companies didn't during the past week, and they're paying the price:

• In Alabama, employees at Hancock Fabric are livid after personnel records dating back to 2005 were found in a dumpster. The company apologized to current and former employees, and said the documents were disposed of improperly.

• In Ohio, a man who bought some old file cabinets was surprised to find personnel documents of state employees still in the drawers. The information included Social Security numbers, medical histories, and salary information. The state says it is informing the affected employees who were affected by the data loss, and is attempting to find the careless employee who left the files in the drawers when the cabinets were cycled out.

DarkReading - http://www.darkreading.com/insiderthreat/s...Section=Privacy

>>>>>>>>>>>>>>>>>>