What did SAIC do following the initial notice from BNY Mellon of the loss of tapes containing personal information?
SAIC sent their senior vice president and chief security officer to BNY Mellon’s offices in March 2008 when SAIC was first notified of the loss of data. He reviewed BNY Mellon’s investigation, the details surrounding the loss of the tapes, and the steps they were taking to improve their security going forward. BNY Mellon made changes in their security protocol, including encrypting backup tapes. Details of their security improvements can be found at http://www.bnymellon.com/tapequery. SAIC continues to review BNY Mellon’s administrative, physical and technical security practices, polices and procedures. An SAIC team including its chief security officer visited BNY Mellon facilities in late September 2008 to conduct its second review of BNY Mellon’s security practices, policies and procedures since the data loss.