By ELLEN SIMON AP Technology Writer
NEW YORK (AP) -- Stealing Social Security numbers and other sensitive data isn't always a cloak-and-dagger, ultra-sophisticated operation: It's often a low-tech job made easier by carelessness and flimsy safeguards.
Plenty of inexpensive measures can protect data from the large-scale theft that big banks, data merchants and other companies have recently disclosed.
But "security and privacy, for a lot of large organizations, are an afterthought, not a priority," said Evan Hendricks, who publishes the newsletter "Privacy Times."
Consider the latest headache for some large banks:
Wachovia Corp., and Bank of America Corp. say they have notified more than 100,000 customers that their accounts and personal information may be at risk after former bank employees allegedly sold account numbers and balances to a man who then sold them to data collection agencies. Nine people have been arrested in New Jersey in the case.
Or consider MCI Inc.'s privacy problem:
An MCI laptop containing the names and Social Security numbers of
16,500 current and former MCI Inc. employees was stolen last month from the car of an MCI financial analyst in Colorado. The car was parked in the analyst's home garage. The computer was password-protected; the company would not comment on whether the data was encrypted.Encryption, which is relatively inexpensive, would make all those records all but impossible to access.
-