BP: Our Data Blowout Preventers Don't Work Properly Either
Another messy spill for BP. The energy company has lost a laptop containing the personal information of thousands of people who filed claims related to last year’s Deepwater Horizon oil spill.
Lost on a business-related trip in early March, the laptop held the names, Social Security numbers, phone numbers and addresses of some 13,000 claimants. And the only security measure protecting them was a password.
Evidently BP’s culture of risk, noncompliance and incompetence extends to IT management as well. At least it’s consistent.
“There is no evidence that the laptop or data was targeted or that anyone’s personal data has in fact been compromised or accessed in any way,” BP said in a statement. “We have sent written notice to individuals impacted by this event to inform them about the loss of their personal data and to offer them free credit monitoring services to help protect their personal information.”
So no harm, no foul, right? Just don’t ask us to explain why the personally identifiable information of 13,000 Gulf disaster victims were on an unencrypted laptop in the first place.
If this is the sort of care BP gives to claimant data, the company’s just bolstered the case against it for negligence.
Can’t wait to hear what BPGlobalPR has to say about this one.