Storage device reported stolen from insurer RSA's data centre

Names, addresses, bank account and sort code details waltzed out the door


The insurance company formerly known as Royal & Sun Alliance but now going by the confusing-for-Reg readers “RSA” says “a data storage device has been reported as stolen from one of our data centres.”

The firm's sparse customer notice and press statement say the device contained names and addresses, bank account and sort code details.” The company adds “We have no evidence to suggest that this data has been misused in any way.”

If you are unlucky enough to have been among those whose details walked out the data centre door, RSA has written to you and offered two years' worth of services from fraud prevention outfit Cifas.

RSA's statements don't say if the stolen device was a thumb drive, a disk, or an entire array, leaving open the possibility someone managed to wheel out a substantial piece of kit.

Let's do a little sleuthing. Absent any news of outages at RSA, we can probably rule out the theft of a piece of kit that would have caused service interruptions. Let's also assume that “device” means a machine of some sort, rather than an optical disk or thumb drive. So what devices would RSA have the in the data centre that are small enough that a thief could sneak out? The most likely candidates are a tape drive or USB disk. The former could well be used for backup as not everybody, even large insurance firms, need a robotic tape library.

So here's a theory: someone's removed a tape drive from an RSA data centre. There was a backup tape in there when it was moved, which is how the customer data came to leave the building.

If you've a better theory, hit the forum for this story. If you know we're wrong, do get in touch. ®

Similar topics


Other stories you might like

  • Amazon warehouse staff granted second chance to vote for unionization

    US labor watchdog tosses previous failed result in the trash

    America's labor watchdog has given workers at Amazon’s warehouse in Bessemer, Alabama, another crack at voting for unionization after their first attempt failed earlier this year.

    “It is ordered that the election that commenced on February 8 is set aside, and a new election shall be conducted,” Lisa Henderson, regional director at the National Labor Relations Board, ruled [PDF] on Tuesday.

    “The National Labor Relations Board will conduct a second secret ballot election among the unit employees. Employees will vote whether they wish to be represented for purposes of collective bargaining by the Retail, Wholesale and Department Store Union.”

    Continue reading
  • It's the flu season – FluBot, that is: Surge of info-stealing Android malware detected

    And a bunch of bank-account-raiding trojans also identified

    FluBot, a family of Android malware, is circulating again via SMS messaging, according to authorities in Finland.

    The Nordic country's National Cyber Security Center (NCSC-FI) lately warned that scam messages written in Finnish are being sent in the hope that recipients will click the included link to a website that requests permission to install an application that's malicious.

    "The messages are written in Finnish," the NCSC-FI explained. "They are written without Scandinavian letters (å, ä and ö) and include, for example, the characters +, /, &, % and @ in illogical places in the text to make it more difficult for telecommunications operators to filter the messages. The theme of the text may be that the recipient has received a voicemail message or a message from their mobile operator."

    Continue reading
  • AsmREPL: Wing your way through x86-64 assembly language

    Assemblers unite

    Ruby developer and internet japester Aaron Patterson has published a REPL for 64-bit x86 assembly language, enabling interactive coding in the lowest-level language of all.

    REPL stands for "read-evaluate-print loop", and REPLs were first seen in Lisp development environments such as Lisp Machines. They allow incremental development: programmers can write code on the fly, entering expressions or blocks of code, having them evaluated – executed – immediately, and the results printed out. This was viable because of the way Lisp blurred the lines between interpreted and compiled languages; these days, they're a standard feature of most scripting languages.

    Patterson has previously offered ground-breaking developer productivity enhancements such as an analogue terminal bell and performance-enhancing firmware for the Stack Overflow keyboard. This only has Ctrl, C, and V keys for extra-easy copy-pasting, but Patterson's firmware removes the tedious need to hold control.

    Continue reading

Biting the hand that feeds IT © 1998–2021