Let's all say "thank you" to Armstrong World Industries and Deloitte & Touche for emphasising the need for harsh penalties against security ignorance.

There is also great news also for a group of up to 23,000 patients of the George Washington Hospital in Washington DC. You probably survived your treatment at the facility, but it isn't that certain that you'll survive the incompetence with InstantDx, a partner that attempted to provide electronic prescriptions.

InstantDx succeeded in exposing data including social security numbers for between 5,600 and 23,000 patients, the hospital disclosed on Wednesday. Amazingly, no medial or prescription data was leaked, only data that can really hurt consumers. George Washington Hospital wisely suspended the trial with InstantDx.

Let's all say "thank you" to InstantDx for demonstrating that security is strategic instead of merely a pesky added cost that gets in the way of your corporate greed.

To round out Wednesday's series of embarrassing security unveilings, a US subsidiary of the UK based financial services firm Old Mutual, realised that "sometime in May" a laptop was stolen. It contained data on 6,500 fund shareholders, including all the details that an identity thief would ever need.

Hopefully the financial services firm is better at investing than it is at securing its data. It's investors after all will need money to monitor their credit scores and fight claims for years to come.

Let's all say: "thank you" to Old Mutual for providing proof that unencrypted confidential data stored on a laptop really is a great way for identity thieves to strike it rich.

And let's finish off by thanking the privacyrights.org website for providing an overview of all these cases of data security incompetence.

technorati tags: securty, identity, theft, fraud, ssn, incompetence,