It's all too easy to imagine.
After a hard day at work, you head off with some mates into the city. Maybe you stop at a bar. Possibly you have a few drinks. Perhaps you hit the dance floor.
And as as you drunkenly demonstrate your John Travolta-style dance moves, with the hits of the Bee Gees ringing in your ears, your girations cause a USB stick to fall out of your back pocket.
It could happen.
But if it happened to you, maybe you would only lose some family photos, or a draft of the novel you've been busy not writing for the past fifteen years.
Unfortunately, that's not what happened recently to a Japanese man, who reportedly lost a flash drive on a drunken night out, containing the personal information of every single one of the city's residents.
The unnamed man, who is in his forties, did not lose the USB stick disco-dancing, but instead after he had gone out for a boozy night out last Tuesday at a restaurant in the city of Amagasaki, northwest of Osaka.
After some presumably heavy drinking, the man fell asleep in the street. Waking hours later, he found his bag containing the flash drive had disappeared. Which meant the names, dates of birth, and addresses of 465,177 people could no longer be considered secured.
In addition, the USB stick contained other sensitive data which included tax information, bank account details, and a list of households which received special assistance such as social security and childcare payments.
Why did the man have so much sensitive data stored on his USB drive? Because he was employed by a firm that provided benefits to some households, and had visited Amagasaki's information centre earlier that day to transfer residents' information onto the device.
Realising the seriousness of the breach, the man searched for the memory stick the following day (presumably while nursing a hangover), without success. A lost property report was filed with the police, and city authorities were informed.
Quite understandably, when the security breach was made public, the residents of Amagasaki were not impressed that data had been treated in such a slip-shod fashion, and the city's offices were swamped with over 30,000 phone calls in a single day.
The city office was inundated with 30,000 calls in one day after announcing the incident on Thursday.
At a press conference, the authorities reported that the flash drive had been encrypted - reducing the chances of the data leaking into the wrong hands. Nonetheless, the city's mayor and other officials bowed in apology to residents.
According to officials, although the man had been authorised to access the data, he had not been given permission to transfer it onto the USB stick, or to take the data off the premises.
Authorities held a news conference on Thursday, with the city's mayor and other officials bowing in apology to residents.
The man's employer, a firm called BIPROGY, also apologised:
"We deeply apologize to the citizens of Amagasaki, the city of Amagasaki, and all concerned for the inconvenience caused by the loss of important information entrusted to us."
Thankfully, as Vice reports, the bag was found on Friday - along with the USB memory stick
Government workers have been reminded that they must seek permission before taking flash drives away from the city's offices.
And hopefully, because you read Bitdefender's Hot for Security blog you're wise to security threats, and so any sensitive information you store on the your thumb drives is securely encrypted with a strong, unique password - meaning that even if it did fall into the hands of the nefarious, they wouldn't be able to access things you would rather remain private.
tags
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
View all postsNovember 14, 2024
September 06, 2024