He said some of the tapes, depending on what information they were carrying, were encrypted, while others were not. IBM would not reveal how many tapes were lost or how many employees – many of them retirees – were affected, but McNeese said the tapes cannot be accessed on a PC and none of the data has been misused.
"It’s a plural number [of affected people]," McNeese said. "We don’t know if anybody’s got them [the tapes], but if someone’s got them, we don’t want to give them additional information."
IBM began notifying victims in early April, telling them the tapes contained "employment information," such as names, Social Security numbers, birth dates and work history, he said.
IBM is best known in the security space for its US$1.3 billion purchase last year of Internet Security Systems, a network security management provider. But IBM also is entrenched in the identity management space with its Tivoli solutions, in addition to its product offerings for mainframe security and tape encryption.
McNeese said that despite IBM’s investment in the security marketplace, all companies responsible for securing private data are susceptible to breaches.
"I think what it shows is the vulnerabilities that information is subject to, and it shows the need for constant vigilance," he said. "We’re taking this seriously. We’re looking at all aspects of this incident."
The company also is planning to review its data transport procedures, but McNeese said the vendor that lost the tapes is still an IBM client.
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
Integrate Expo 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
