Not so funny story. My dad called me up today and told me that he received a letter from his credit card company, Chase. The letter stated that one of their tape backups had been lost. That tape contained information including his name, address, and social security number. The tape was held in a vendor’s warehouse, and had somehow been mislaid.
“You’re in this storage business. What do you think of this?” he asks.
“I think it shows that tape isn’t necessarily the safest way to back up data,” I answer. “Tapes can be mislaid, mishandled–even stolen. Let’s hope that latter possibility isn’t what happened here.”
According to the letter he received, the information on the tape is encrypted and would require “special software” to read. Also, the information that was lost didn’t include my father’s financial data, bank or credit card numbers. Still, he was worried by the letter. And I can understand that. For all the fears people have about the cloud, this is a fairly low tech example of how security breaches can occur. He said he didn’t know how many people were affected–or received the letter–but I’m waiting for a TechCrunch article on this to come out any day now.
What can I say? It’s tape. It CAN be stolen and it CAN be lost. Keeping tapes onsite doesn’t guarantee it won’t happen, even under careful watch via video camera. Tape, when such situations are considered, just isn’t the best option anymore. Encryption is a must if sensitive data is stored on tape. End of story.