Following a recent break-in at its offices, First Response has admitted the loss of storage discs containing sensitive information of its current and former customers, warning them to be wary of unusual transactions on their accounts. First Response has however assured customers that it would take a ‘very sophisticated level of equipment and knowledge’ to access the data.
Jamie Cowper from the European branch of PGP Corporation, has made the following comments:
“First Response is now the latest UK organisation to take the appropriate action and inform its customers immediately of a security breach. And while we should applaud this voluntary disclosure, it is a yet another stark reminder that organisations need to completely rethink their current data protection strategies and prepare for the worst-case scenario.
While First Response states that its customer information was held and properly secured under the terms of the Data Protection Act, as this incident shows – this was shown to be not enough. The sophistication and determination of data thieves today – both targeted and opportunistic – have turned the traditional notion of data protection on its head. Rather than simply relying on a ‘check list’ approach to compliance, with piecemeal security tools deployed on an ad-hoc basis, organisations need to take a more holistic and layered approach to Enterprise Data Protection – combining physical and virtual security to ensure a completely secure enterprise.”