NFL fumbles with laptop that had player data on it
The football season hasn't begun and training camp isn't even here yet. All we've seen so far is OTAs which just give a small glimpse of what to expect. But the NFL is never far from the news cycle, and now that news involves compromised data from a laptop.
The incident occurred back on April 19th, but the league is just now getting around to making this public. The laptop was stolen from a Washington Redskins trainer's car and contained personal data about players.
In a story on the NFL's website the league says "In a statement, the Redskins said a laptop containing player data was stolen from a Redskins trainer's locked car on April 19. The laptop was password-protected, but unencrypted. However, the Redskins stated they "have no reason to believe the laptop password was compromised". In addition, the team said the NFL's electronic medical records system was not impacted by the theft".
The NFL claims that no social security numbers are at risk and that none of players' health data was contained on the computer.
In an email received by BetaNews, security firm Alertsec's CEO Ebba Blitz tells us "What happened to the Washington Redskins was a total fumble on computer security. While we should be surprised that the laptop was not encrypted, our research shows most companies do not ensure their laptops are encrypted until a breach like this takes place. Ultimately this security fumble proves why everyone needs encryption".
The league promises that it is working with the Players Association to find out exactly what happened and how to prevent it in the future. Altersec is urging strong encryption and to beware of a false sense of security,