Skip to main content

Strike Three? Apple/Google, Sony -- now the New York Yankees...

This has been quite the stretch for large, embarrassing data breaches (or "incidents" -- depending on which spin you take).   Now, the New York Yankees have been caught in the middle.

An employee accidentally attached a spreadsheet to an email that was being sent out to thousands of current clients.  That spreadsheet contained the names, addresses, phone numbers and email addresses of current "non-premium" season ticket holders -- more than 20,000 of them.    The Yankees' account executive tried to "recall" the message -- but unless the recipient was on Microsoft Outlook, that "recall" function just does not work.   The team has apologized in a letter posted on its website.

For more on this story, see Deadspin, The Street, ITAC Identity Blog.   Takeaway --- employee awareness and training is critical, as is implementation of data loss prevention.

Full disclosure:  The author of this post is a Boston Red Sox fan.

 

 

Subscribe To Viewpoints

Author

Cynthia J. Larose

Member / Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.