I’ve often thrown up my cyber-hands in disgust at breaches that occur because people leave unencrypted PII or PHI in unattended vehicles. But sometimes, you read an incident report, and you can somewhat relate. This report by attorney Michael Koch, dba Lockhart, Britton & Koch in La Mesa, California is one of those times.
From the sound of things, the law firm, which specializes in bankruptcy cases and estate planning, responsibly backed up client data. And they responsibly tried to maintain that external drive backup off-site. But then, busy with Thanksgiving preparations, Koch left his briefcase containing the drive locked in the trunk of his car in his driveway. And the rest, as they say, is history….
As a result of this incident, the firm is now maintaining the backup drive in a fireproof safe and is looking into other secured storage options.
They are also offering clients one year enrollment in Experian’s IdentityWorks product.
You can read the full notification below.
SamDataBreach_0We all get tired. Or our arms are full so we don’t grab one bag from the car, figuring we’ll come back out later and get it. And then we don’t. It only takes one slip-up in judgement or one decision made when we are tired or busy to result in a costly data breach. And it could happen to any of us.