Eircom loses unencrypted personal data of customers and staff following laptop thefts

Irish telecoms firm Eircom has lost three laptops containing the personal data of over 7,000 mobile phone customers and employees

Irish telecoms firm Eircom has lost three laptops containing the personal details of more than 7,000 mobile phone customers and employees.

The bank account or credit card details of 550 eMobile and Meteor customers are at risk following the security breach, Eircom has revealed.

Eircom said two unencrypted laptops were stolen from its offices at Parkwest, Dublin, in December. A third laptop was stolen from the home of an employee.

Ireland’s Data Protection Commissioner is investigating, according to local reports.

The telecoms company said a review of its encryption policy is under way to ensure all computers and laptops are compliant.

Stephen Midgley, global vice-president at security firm Absolute Software, said that, as laptops and other mobile devices increasingly become essential work devices, maintaining security of customer and company data is becoming ever more challenging.

“When managing personal and financial details, companies need to have greater safeguards in place to protect customers from the risks of loss and theft inherent in mobile devices,” Midgley said.

Consumers will increasingly seek greater assurances from businesses about the protection of their data, he said, so it is crucial that firms make changes before irreparably ruining trust.

Some companies may seek to slap down a ban on storing customer data on laptops, but Midgley believes that, in practice, these sorts of lapses will continue to happen if there is not a step-change in security.

“Businesses have to move up a gear with the way they approach data security, to keep up with the pace of change in device use,” Midgley said.

Even with the increasing use of cloud technology, confidential data will still be stored on devices, but with increased mobility comes increased risk to exposure, said Midgley.

“The need to securely manage mobile devices, especially when they are at risk such as due to theft, is paramount to any business,” Midgley said.

According to Midgley, robust data management and document security is key.

“As device proliferation increases, the ability to push and pull data from employee devices to ensure that crucial financial information and personal data isn’t simply saved to a device or emailed out, will become vastly more important,” he said.

Read more on Privacy and data protection