It has been revealed that the Irish energy provider Bord Gáis had an unencrypted laptop stolen from its Dublin offices this month. The computer contained the bank account details of 75,000 of its customers and the theft took place on 5 June 2009, but has only just been revealed.
One security firm said this latest data breach showed that, despite countless previous incidents, companies still haven’t learnt the importance of protecting customer data.
“Bord Gáis needs to make it clear why it was necessary for a significant number of customer records to be on an unprotected machine,” said Jamie Cowper, director of marketing, at data encryption expert PGP Corporation.
Cowper said that as we enter a digital age, companies are storing increasingly large volumes of data. He called for proven technologies, such as data encryption, must be rolled out so that company data is always protected – wherever it is stored and regardless of who is in possession of it.
“Whilst Bord Gaís has since rolled out encryption to all of its laptops, there remains the question of why this was not already standard procedure,” Cowper added.
“Data encryption should be a preventative measure, not reactive, and in this case would have saved the company reputational damage and potentially costly financial consequences. Most importantly, it would have kept customer data totally secure.”