Kellogg Community Federal Credit Union, Unknown Number of Victims
Technorati Tag: Security Breach
Date Reported:
8/4/07
Organization:
Kellogg Community Federal Credit Union
Contractor/Consultant:
Unknown Vendor
Number Affected:
Unknown
Types of Data:
Name, address, telephone number, birth date, Social Security number, and account number
Breach Description:
A computer was stolen from an un-named vendor or the Kellogg Community Federal Credit Union. On the stolen computer was a file that contained the sensitive, personally identifiable information. According to the credit union's Web site, there were 25,300 members in 2005.
Reference URL:
www.battlecreekenquirer.com/apps/pbcs.dll/article?AID=/20070804/NEWS01/708040313/1002/NEWS01
Report Credit:
Battle Creek Enquirer
Response:
From the article cited above:
"Tracy Miller, Kellogg Community's chief executive officer, refused to say who the vendor is or how many people were affected, citing an ongoing investigation.
"I won't be providing any additional information," she said. "We're working with the FBI."
"Credit union member and government contractor Kim Swanger, 46, of Battle Creek, received one of the letters.
When she asked a branch teller on July 31 which vendor lost the information, she was told the bank couldn't release the identity."
[Comfyllama] This is sad. A victim is not told who is responsible for losing her information. She should have a right to know!
Swanger, however, said she plans to transfer to another credit union.
[Comfyllama] Absolutely! She should transfer if she does not feel comfortable with the credit union's controls and response. This is a consequence of poor communication.
Commentary:
The information that was lost/stolen is very sensitive and poses a risk to the victims. The fact that the credit union did not communicate all of the available facts is saddening. I understand how law enforcement involvement and investigations can put a damper of some forms of communications, but I don't understand how naming the vendor would hurt.
The response from the credit union does not seem adequate at all. The "I won't be providing any additional information" quote really bugs me. If I were a victim, I would demand more. That quote is almost aloof in a way.
Past Breaches:
None since August 2007
Date Reported:
8/4/07
Organization:
Kellogg Community Federal Credit Union
Contractor/Consultant:
Unknown Vendor
Number Affected:
Unknown
Types of Data:
Name, address, telephone number, birth date, Social Security number, and account number
Breach Description:
A computer was stolen from an un-named vendor or the Kellogg Community Federal Credit Union. On the stolen computer was a file that contained the sensitive, personally identifiable information. According to the credit union's Web site, there were 25,300 members in 2005.
Reference URL:
www.battlecreekenquirer.com/apps/pbcs.dll/article?AID=/20070804/NEWS01/708040313/1002/NEWS01
Report Credit:
Battle Creek Enquirer
Response:
From the article cited above:
"Tracy Miller, Kellogg Community's chief executive officer, refused to say who the vendor is or how many people were affected, citing an ongoing investigation.
"I won't be providing any additional information," she said. "We're working with the FBI."
"Credit union member and government contractor Kim Swanger, 46, of Battle Creek, received one of the letters.
When she asked a branch teller on July 31 which vendor lost the information, she was told the bank couldn't release the identity."
[Comfyllama] This is sad. A victim is not told who is responsible for losing her information. She should have a right to know!
Swanger, however, said she plans to transfer to another credit union.
[Comfyllama] Absolutely! She should transfer if she does not feel comfortable with the credit union's controls and response. This is a consequence of poor communication.
Commentary:
The information that was lost/stolen is very sensitive and poses a risk to the victims. The fact that the credit union did not communicate all of the available facts is saddening. I understand how law enforcement involvement and investigations can put a damper of some forms of communications, but I don't understand how naming the vendor would hurt.
The response from the credit union does not seem adequate at all. The "I won't be providing any additional information" quote really bugs me. If I were a victim, I would demand more. That quote is almost aloof in a way.
Past Breaches:
None since August 2007
Posted by Evan Francen at 8/4/2007 3:15 PM 
Categories: Kellogg Community Federal Credit Union, Stolen Computer
Categories: Kellogg Community Federal Credit Union, Stolen Computer
Posts Atom 1.0
Comments