I received an email last night from my online video rental provider that they were compromised and that my personal information may have been stolen. I immediately thought that this was a “phishing” scam and deleted the email. With all the compromised data in recent years though, Sony, and Barnes and Noble to name a few, (yes I got tagged in both events), I had to make certain this was legit. I logged into my video rental account and sure enough, the breach was confirmed and I needed to change my password immediately.
In a weird twist in this digital age, I expected to read a confusing account of how their servers were breached via re-routs from China or North Korea, but it turned out that their offices were physically broken into. The thieves had stolen the physical hard drives that contained customer information. I expect this company has spent tens of thousands of dollars on firewalls, servers and other security measures to protect their digital assets, but what about their physical office location?
The moral of this story is, in today’s high-tech world of espionage and intellectual property theft, you still have to think about locking the front door.