Feeds

Personal data for 650,000 customers vanishes into thin air

Bad timing for J.C. Penney CEO

Providing a secure and efficient Helpdesk

Personal information belonging to more than 650,000 US customers of J.C. Penney and other retailers is at risk after the company hired to safeguard the data lost a backup tape.

The information, which was entrusted to a company called GE Money, included social security information for about 150,000 people. The data was on a backup tape that was discovered missing in October from a warehouse maintained by storage company Iron Mountain. While there is no indication the tape was stolen, company officials have been unable to locate it, either.

In a twist of irony, the revelation of the missing information coincided with the debut of a mini documentary on cyber crime in which the chairman and CEO of J.C. Penney, Mike Ullman, speaks about the growing risk posed by online thieves.

At one point in the 20 minute-film, which was produced by security provider Fortify Software, he acknowledges that criminals are actively probing server code for mistakes that will allow them to access J.C. Penney information. He makes no mention of vulnerabilities relating to physical security or business partners.

The disclosure comes a year after TJX Cos., owner of the T.J. Maxx and Marshalls retail chains, suffered a server breach that exposed personal information for as many as 100 million people. Despite it being the world's biggest credit card heist ever and despite revelations security measures failed to meet credit card industry requirements, there's been little measurable backlash on the company. TJX stock has lost less than 1 percent over the past year, compared with a six per cent decline in the S&P 500.

GE Money has offered to pay for 12 months of credit monitoring for anyone whose social security number was lost.

According to the Associated Press, a letter signed by GE Money President Brent P. Wallace reads in part that J.C. Penney "was in no way responsible for this incident." ®

New hybrid storage solutions

More from The Register

next story
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.