The man accused of stealing customer data from home mortgage lender Countrywide probably was able to download and save the data to an external drive due to an oversight by the company's IT department.
NEWSLETTERS
SUBSCRIBE TO CIO
Are you involved in setting the direction for your company's IT budget or strategy?
Apply today for a FREE subscription to CIO Magazine!
» Subscription Services
» Reprints
Reader Feedback
Security Oversight May have Enabled Countrywide Breach
READER FEEDBACK
Anonymous Wed, 2008-08-06 11:52
As a former employee of Countrywide I can say with certainty that the chain of command in the information security department was incompetent and truly did not understand the security risks identified to them. Report after report was submitted on this very issue and was met with resistance to mitigate and investigate the identified issues. Reports of neglect to investigate the issue were then submitted to the ethics department who then did nothing about it as well. I do hope the FBI contacts me to discuss Countrywides neglect to ensure customer data was properly protected. Storing SSN's as well as other PII data unencrypted is neglegent. The company should be held accountable for not properly securing customer data and neglect to investigate over a year ago when this potential breach was brought to their attention. It is time companies are held liable for their neglgence.
Anonymous Wed, 2008-08-06 14:14
I too, as a former employee, can vouch for the fact that the CISO and other executive management knew that security compensating controls were not in place to prevent such activities. These issues where brought to the attention of security management and the ethics department by my co-worker and I went to HR with my concerns when nothing was done. I hope the FBI contacts me as well. Management was told that this would happen.
Concerned Victim Thu, 2008-08-07 11:17
I have learned that the KamberEdelson Law Firm (http://www.kamberedelson.com) is investigating allegations relating to the compromise of millions of account records at Countrywide. If anyone would like to assist because they have additional info or believe they may have been impacted they should contact countrywide@KamberEdelson.com
Thank you.
Anonymous Sun, 2008-09-28 06:35
Sign me up for the law suit. This company is going to be held accountable for the actions of their employees. I am tired of being taken advantage of by big companies . How dare them offer 2 years of credit monitoring? Like that is really going to help.
KamberEdelson, LLC Fri, 2008-10-03 16:50
An earlier comment refers to our firm’s involvement in the Countrywide privacy class action litigation and encourages interested consumers to contact us. The comment could be viewed as a promotional message, which would be against our policy and, probably, the policies of this site. While the poster appears to have been well meaning, the decision to engage legal counsel is a serious one that we believe should not be made based on anonymous comments.
Post new comment
RELATED SOLUTIONS
There's a lot of buzz about Windows 7 out there. Each month in our webcast series, listen to analysts and customers discuss how Windows 7 and the Windows Optimized Desktop is impacting large companies around the world. Learn how they evaluated Windows 7, including the cost of deployment, deployment strategies, and tangible benefits.
Sponsored by Microsoft
Listen to on-demand Recordings »
Service Level Management Best Practices Life Cycle Overview - Improve Service Levels
Best practices for Service Level Management (SLM) is a process for consistently meeting customer requirements and delivering on IT's promises. See the steps required to ensure high-quality SLM.
Sponsored by Compuware
Read this White Paper »
Keeping Your Members Safe from Online Scams and Predators
In order to keep fraudsters out, romance sites must deploy effective solutions that look at information independent of what is supplied by users. A device fingerprinting solution such as iovation ReputationManager™ provides unique insight into the computers being used to create multiple accounts and exposes hidden device-account relationships that identity-based fraud solutions often miss.
Sponsored by iovation
Read this White Paper »
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Global Warming Research Exposed After Hack
Silicon Valley Abuzz About Tech Video That Lets You Command a Computer With Gestures
Two Approaches to NFC Battle for French Hearts and Mobiles
Palm Pixi Smartphones Now Just $25
FCC: Internet Program for Deaf Cheated Out of Millions
Judge Sets Schedule for Google Book Search Case
Twitter Geotagging: What You Need to Know
Twitter Turns on Geolocation Functionality
Some Nook E-Readers Won't Make it for the Holidays Either
Google's Chrome OS Hits BitTorrent
WHITE PAPERS
FEATURED SPONSORS
SPONSORED LINKS
| CIO MARKETPLACE | buy a link |
Software License control, Windows XP/2000 Upgrades
Use your Intranet to manage Software Licenses, plan for Windows XP/2000 upgrades, do Security Audits and more. Click to try and ask for our white paper - PC Management for the Internet Age.
UNIX and Linux Performance Tuning SimplifiedSarCheck is a performance analysis and tuning tool for most UNIX & Linux operating systems. It produces recommendations with full explanations, and both supporting graphs and tables. Get the most from your hardware by keeping your systems tuned.
.NET Developer Wanted - Boston - Local CandidatesAIR provides sophisticated analytical tools and software systems to help companies manage that risk. We are seeking a Sr .NET Developer with 8-10 yrs exp in .Net & OO development. ASP.NET, VB.NET skills required. Annual bonus - Apply Now
Get More from Your Oracle DatabaseDBAs are constantly challenged to increase performance and keep costs down. This paper discusses the industry best-practice Wait-Event analysis and how Confio has combined this with their Resource Mapping Methodology to optimize DB performance.
THE IDG NETWORK
© 1994 - 2009 CXO Media Inc.