Auditor laptop stolen, confidential data included

The auditor for Hotels.com is Ernst & Young, and one of their staff working on the audit had their laptop stolen from their car, compromising the credit card data of approximately 243,000 customers.

These things will happen, but what I don’t understand is whether they’re just assuming whoever stole the laptop is going to be able to crack the password that is no doubt protecting it. I have to enter two different passwords just to get into my work laptop, one to boot up and one to log in.

Am I missing something here? Are passwords not enough to protect the data? Can you just rip the hard drive out of the laptop somehow and extract the data that way? Is any data truly safe, then?

EY has pledged to encrypt sensitive data such as this in the future, so maybe that holds the key to safeguarding the intangible assets of audit clients.

Wireless internet theft affects us all

A story in the New York Times about your friendly neighborhood wireless thieves. I have to admit I’m guilty of this when I’m not at home, but it pretty much does serve you right if you don’t secure your network. Maybe municipal wi-fi will cut down on this “phenomenon”…

Edit: If only Twitter were invented when I wrote this “post”.