For all the talk of cyber-criminals and the threat they impose to computer networks, there are a myriad of other threats to data security that are hardly high-tech in nature.

Consider Morgan Stanley, which has just suffered the dumbest of all data breaches. Computer discs containing sensitive customer information on 34,000 accounts, including social security numbers, account numbers and tax information, have been lost. This might not have been Morgan Stanley's fault, though it should bear the responsibility. The company apparently mailed the two discs with the information on the Morgan Stanley Smith Barney customers to the New York State Department of Taxation and Finance. But when the package arrived at the appropriate destination, the discs were gone.

The bank says that so far there has been no signs of criminal abuse of the information. It has offered the now obligatory one-year of credit monitoring for customers who social security information was compromised. While clients were informed last month, the bank chose not to inform the public, but a trade web site, Credit.com, reported the security breach. The incident raises lots of questions. Some may be surprised that the state requires physical delivery of discs, which seems somewhat anachronistic. Some may wonder whether the discs were actually stolen at some point in the delivery chain.  

For more:
- here's the article

Related articles:
Morgan Stanley, "worth more dead than alive"  
Facing blame for breaches, companies get tough on employees