Hacker News new | past | comments | ask | show | jobs | submit login
Boeing employee inadvertently sends private info of 30,000 employees to his wife [pdf] (amazonaws.com)
19 points by cyberferret on Feb 22, 2017 | hide | past | favorite | 6 comments

Short synopsis: Employee at Boeing wanted a hand formatting an Excel spreadsheet, so he emailed it to his wife (not a Boeing employee) so she could help him out, but she discovered that there were hidden columns in the spreadsheet containing extremely sensitive information for 30,000 employees.

Kudos to Boeing for handling this in an open manner. I am learning that there are actually protocols in place for reporting this sort of breach, as well as legislative requirements in different countries/states that outline what needs to be done and communicated to the victims of the breach.

> Kudos to Boeing for handling this in an open manner

Not hardly.

What is Boeing doing putting PII in hidden fields in the first place.

worrying thing is, this needs voluntary breach reporting? Talk about low standards...

What could they reasonably do to somehow "automatically" detect this?

Data Loss Prevention (DLP) tools could be installed on the mail servers to scan every email and email attachment before they leave the corporate network or are delivered to ensure there are not any SSNs, credit card numbers, birthdays, etc. present.

Oh, damn, I can imagine the sinking feeling this employee must have felt when he realized that he had made a mistake. It's very heartening to see the responsible way in which this was handled by both him and Boeing. No mention of repercussions for the employee, although I'm willing to bet he won't make such a mistake again.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact