Prison Officials Lose Flash Drive With Data On 3,500 Volunteers And Visitors

The San Francisco Chronicle has reported that “a flash memory drive containing names, birth dates and driver’s license numbers of more than 3,500 people who either volunteered or visited San Quentin State Prison in a group tour has been lost.” Our reader Paul, who sent us the tip, adds, “When I read it my first thought was, “Gee, I wonder what the chances are of this personal data ending up in criminal hands? Mmm, maybe 100%.” Our favorite part of the story: the data wasn’t encrypted, but prison officials have said that now they’re going to start encrypting it.

Anyone who has visited San Quentin and is concerned their personal information could be on the flash drive may call Sgt. Rudy Luna, administrative assistant, at (415) 455-5000 or Laura Bowman, community partnership manager, at (415) 454-1460, extension 5400.

The prison sent warning letters out to the affected parties earlier this month, and suggested they start monitoring their credit—but didn’t offer to help pay for the added credit monitoring that will be needed, naturally.

“San Quentin loses data on 3,500 visitors” [SFGate]
(Photo: Getty)

Comments

Edit Your Comment

  1. NoNamesLeft says:

    I am sure they are taking it seriously.

  2. Ghede says:

    The more and more this happens, the more I have an urge to burn my social security card, my birth certificate, the hospital I was born in, anyone who knows my name, and run screaming into the woods. I might just skip everything else and just run screaming into the woods, y’know, as a weekend thing. I call it “Vocal Camping”

  3. hi says:

    I wouldn’t worry too much, it’s probably already been converted into a shank of some kind.

  4. APFPilot says:

    I wonder if Metallica’s information is on there?

  5. CaptZ says:

    A data shank…..I love it!

  6. marsneedsrabbits says:

    Well, hopefully they lost it in the prison, so it’ll be easier to find.

    Idiots.

  7. flidget says:

    They lost it on the 4th, and didn’t notify the affected people until two weeks later? Helpful.

  8. Who takes a tour of a prison?

  9. paulinsf says:

    “Who takes a tour of a prison?”

    There’s a list around somewhere.

  10. MeOhMy says:

    Why did the information need to be stored on any kind of portable medium?

  11. MissTic says:

    That accompanying photo is hilarious.

  12. oakie says:

    “prison security”. i love it.

  13. glater says:

    Tours of prisons are more common than you think, particularly with law and criminal justice students and the like.

  14. kinamoto says:

    @A.W.E.S.O.M.-O: Students/teachers, journalists, other law enforcement employees?

  15. statnut says:

    Time for a cavity search.

  16. @kinamoto: Well, by “group tour” it sort of sounds non-professional, i.e., “On your left is our famous gas chamber!” I don’t think you’d need to arrange a group tour for a journalist or police officer.

    I guess if you were a parent looking to put the fear of god in your kid, a tour might work though.

  17. mercnet says:

    God is it that hard to run http://www.truecrypt.com ? I been using it since I was in high school.

  18. Pink Puppet says:

    @A.W.E.S.O.M.-O: When I was in highschool, my homeroom teacher took my whole class to do a group tour of the county jail after some serious disciplinary issues.

    It put the fear of G-d in most of us.

  19. rustyni says:

    This happened here in Nashville as well. Only this time, it was a laptop containing the names, addresses, social security numbers, and drivers license numbers of all the county’s registered voters. Apparantly the laptop had post-its on it containing all the passwords needed to access the database.

    Of course this happened a perfect three weeks after I had registered as a voter. Freaking awesome. If people are going to keep records like this, it needs to be on something / somewhere not easily lost or accessed. It’s just plain irresponsible.

    And to not even offer to pay for the added credit monitoring that is now going to be required, is as good as denying any wrong-doing or responsibility on their part.

  20. Veeber says:

    @mercnet: Well as much as Truecrypt is great for individuals, on a enterprise level it could become problematic.

    There are plenty of enterprise products for this, and there is no excuse for not using it. If you’re not going to be keeping your data in a secured facility, encrypt it. NIH is about to pay a whole lot of money for someone to come in and implement encryption after that laptop loss. Looks like this prison is in the same boat.

  21. ViperBorg says:

    @paulinsf: Nice.

  22. bobblack555 says:

    What kind of idiot keeps sensitive data like that on a fucking FLASH drive??