A major U.S. financial institution has lost critical customer data, once again. This week, it's Citigroup, and the tapes that have gone missing have SSNs, addresses and loan account data for 3.9 million customers who have personal and home equity loans with the firm.
In February, Bank of America lost data on 1.2 million federal workers, and in May, Time Warner reported losing tapes containing critical information on 600,000 current and former workers. In the last six months, 6 million consumers have had their personal data "misplaced" or stolen from major corporations, according to today's story on the Citigroup loss in the Washington Post.
The first thing all of this data loss should tell us is -- Keep track of your tapes! In the recent Citigroup data loss, the box of tapes wasn't properly recorded by UPS at the time of pick up, and never made its destination, according to the Post's story. Though video cameras recorded the pick-up, no one seemed to notice that the UPS driver didn't scan the package, which is an extra security measure UPS has agreed to take.
Finger pointing aside, businesses HAVE to take more responsibility for the information they keep on customers and employees. Citigroup has plans in the works to electronically transmit encrypted data to its destination, which will hopefully thwart would-be thieves, but it's a bit late to assuage those customers who are now wringing their hands and wondering if their bank accounts will be drained or credit cards rung up.
What is the solution to all of this? No more tapes? Better encryption? Get rid of SSNs as a key identifier? What does your company do to keep its data safe -- and to keep customers satisfied that when they do business with you, you're looking out for them?