Britain's Big, Bad, Data Breaches

It has certainly been an eventful few days in data security over on the other side of the pond. Late last week, for example, a U.K. government contractor lost an unencrypted USB stick containing details on tens of thousands of criminals, and then Royal Bank of Scotland (RBS) hit the headlines today after a computer containing customers personal data was sold on eBay.

More precisely, more than a million bank customers’ details were found on the computer, according to a BBC report. The data also included customers of RBS’s Natwest subsidiary, and some American Express customers, according to media reports.

As usual, security vendors latched onto the RBS breach as soon as it became public.

Cue encryption specialist Credant, which quickly issued a statement explaining how the latest snafu could have been avoided.

If the data had been (surprise, surprise) encrypted, then RBS could have avoided this current media storm, according to Michael Callahan, Credant’s chief marketing officer.“Even if the computer slipped through the net because of the thoughtless actions of one or more individuals, then the data would clearly be inaccessible,” he added. “This would have avoided the need to apologize for leaking data that included bank account numbers, phone numbers, mothers’ maiden names, and even signatures of customers.”

Still, it makes you wonder. Why on earth wasn’t this data encrypted?

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Byte and Switch's editors directly, send us a message.