On July 29, 2011, Massachusetts Attorney General Martha Coakley announced a $7,500 settlement with Belmont Savings Bank following a May 2011 data breach involving the names, Social Security numbers and account numbers of more than 13,000 Massachusetts residents. The bank has stated that it has no evidence of unauthorized access to or use of consumers’ personal information in connection with this breach.
According to Coakley’s press release, a Belmont Savings Bank employee violated the bank’s policies and procedures by failing to secure an unencrypted backup computer tape containing personal information. Surveillance footage suggests that the tape most likely was incinerated by the bank’s waste disposal company after it was discarded inadvertently by an overnight cleaning crew.
In addition to paying a civil penalty of $7,500, Belmont Savings Bank must ensure proper transfer, inventory and storage of backup computer tapes containing personal information and must effectively train members of its workforce on the bank’s information security policies and procedures.
In March, we reported on Attorney General Coakley’s $110,000 data breach settlement with a Boston-area restaurant group.