Backup tapes are far from being a secure backup solution as Pharmaceutical firm Bristol-Myers Squibb (BMS) has learned recently. Yes there are a few precautions companies can take if they decide to use tapes as part of their backup solution but even BMS has failed performing the most important and basic thing, data encryption.

Last week the BMS security office circulated a letter (PDF File) informing people that a backup tape containing personal information was stolen during transit as reported over at the Breach Blog. The data stolen was that of current employees, former employees and their dependent which included information such as: name, address, date of birth, Social Security number, marital status, gender, salary, hire date, termination date, retirement date, and, in some instances bank account information.

To add insult to the theft of personal data Bristol-Myers has offered a year’s free credit monitoring report for those you might be at risk, isn’t that generous?

Employees need to ask Bristol-Myers, why wasn’t the data backups encrypted in the first place? Well, since the announcement over at Pharmalot of this data blunder former employees are asking just that.