Ohio's Department of Administrative Services says it's learned its lesson following the pilfering of a tape that contained personal data belonging to more than 130,000 people. And to prove it the agency is docking a whole week's holiday time from the man who failed to ensure the security of the information.

Jerry Miller, a payroll team leader with the agency, learned of the decision two weeks ago and has accepted the punishment, according to ComputerWorld. A third party retained by Ohio's Office of Collective Bargaining investigated the breach and recommended the penalty.

The loss of the tape, which contained social security numbers and other sensitive information, is expected to cost the state about $3m.

"One lesson that the state learned is that we need to throw more resources at security and privacy when we have an issue like that," a spokesman told the trade mag. "The next time the state takes on a project of this scope, we're going to have people on the job whose major responsibility is just data security." ®

Related stories

• Fujifilm bugs backup tapes with LoJack device (29 March 2008)
• Schwarzenegger terminates data breach bill (16 October 2007)
• Tax man praised for owning up to lost laptop (8 October 2007)
• Dead woman's medical records case could undermine FOI law (1 October 2007)
• Canadian privacy commissioner slams TJX data policy (27 September 2007)
• eBay forum mysteriously leaks account details on 1,200 users (25 September 2007)
• Web host breach may have exposed passwords for 6,000 clients (19 September 2007)
• Hackers infiltrate TD Ameritrade client database (15 September 2007)