
Boeing employee inadvertently sends private info of 30,000 employees to his wife [pdf] - cyberferret
http://agportal-s3bucket.s3.amazonaws.com/Breach%20The%20Boeing%20Company%202017-02-08.pdf
======
cyberferret
Short synopsis: Employee at Boeing wanted a hand formatting an Excel
spreadsheet, so he emailed it to his wife (not a Boeing employee) so she could
help him out, but she discovered that there were hidden columns in the
spreadsheet containing extremely sensitive information for 30,000 employees.

Kudos to Boeing for handling this in an open manner. I am learning that there
are actually protocols in place for reporting this sort of breach, as well as
legislative requirements in different countries/states that outline what needs
to be done and communicated to the victims of the breach.

~~~
turbohz
worrying thing is, this needs voluntary breach reporting? Talk about low
standards...

~~~
apetresc
What could they reasonably do to somehow "automatically" detect this?

~~~
aliasnexus0
Data Loss Prevention (DLP) tools could be installed on the mail servers to
scan every email and email attachment before they leave the corporate network
or are delivered to ensure there are not any SSNs, credit card numbers,
birthdays, etc. present.

------
ttd
Oh, damn, I can imagine the sinking feeling this employee must have felt when
he realized that he had made a mistake. It's very heartening to see the
responsible way in which this was handled by both him and Boeing. No mention
of repercussions for the employee, although I'm willing to bet he won't make
such a mistake again.

