in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Laptop Encryption Software News: Starbucks Getting Sued For Stolen Laptop In November

Well, it took some time, but it looks like the lack of laptop encryption software is translating into a headache for Starbucks.

If you'll recall, the coffee company announced the theft of a laptop computer back in November.  There was talk at the time of a class-action suit, but I didn't think that nothing would come of it.

I noted at the time that

"...a stolen laptop with sensitive information is not grounds for a class-action suit.  Supposedly, it’s because you can’t sue for what may happen; you can only sue after something has happened -- and what has to happen is ID theft, which has to be directly tied to the laptop theft.  The theft of the laptop itself is considered to be no different from the theft of an ordinary object, like a car. (And, again, I'm not a lawyer)"

I'm still not a lawyer...and, it looks like laws haven't changed in the meantime, either.  According to spamnotes.com, the site that broke the news, there have been other cases--outside of Washington state--where companies were sued for similar scenarios.  Plaintiffs lost in both cases.  Spamnotes.com notes, though, that it may be a different story this time due differences in regional laws.

Plus, there are rumors that there are ID theft cases that can be tied directly to the stolen laptop.  If this is true, it certainly fulfills the conditions I've mentioned in the above quote.  The trick is to show that it ties directly and is the only source, though.

With so many companies suffering from data breaches, who's to say that the ID theft experienced by SBUX employees didn't come from some other source?

The Class Action Suit Is Asking For...

  • Extension of 1-year credit monitoring to 5 years.
  • Periodic audits of Starbucks's computer systems to ensure security

I've already noted that the 1-year monitoring must be costing Starbucks nearly a million dollars, even with a discount.

What Starbucks Has Already Done (Supposedly)

According to commentators at the Starbucks gossip site, the company is already testing the use of whole disk encryption since the beginning of the year.

Chances are, this will do more to protect the company--and its employees--from future breaches.  In fact, this probably should have been rolled out about a couple of years back, when they had a substantial data breach.

Why the delay?  My guess is that the MBA-types at the company finally figured out that using data encryption programs to protect information on computers is much cheaper--in raw numbers as well as when trying to account for fuzzy externalities--than shelling out over half-a-million every couple of years for credit monitoring services.

In Unrelated News...

A 19-year old snatched a laptop computer from a Starbucks patron after he was told that the customer's computer could not be used to "check his Facebook account."

He was arrested and charged with "robbery by sudden snatching."  I thought the term was made-up by a harried journalist.  Not so.

Maybe it's just me, but aren't all snatchings sudden?  I mean, you can't have a languid snatching....

Related Articles:
http://www.networkworld.com/news/2009/022309-starbucks-sued-after-laptop-data.html
http://www.sun-sentinel.com/news/nationworld/world/wire/sns-ap-odd-laptop-snatched,0,4456889.story

 
<Previous Next>

Data Breach Prevention Software Needed 'Cause Over Half Of Ex-Employees Will Steal Corporate Data

Data Security: Google Talk Phishing Scam. It's New But The Tactic Is Old

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.