According to a Feb. 14 disclosure letter (PDF) from the CBR, members of the registry could be in danger of identity theft.
The letter does not say how the breach occurred, but a report on the Office of Inadequate Security website indicates that the breach was the result of the theft of data backup tapes from an employee's car.
The stolen tapes contained customer names, Social Security numbers, driver's licenses, and/or credit card numbers, according to the report. The data on the tapes was not encrypted.
"We recognize that the loss of unencrypted data poses a risk, and that’s why we sent out the notices to our customers," the CBR told the Office of Inadequate Security.
The report does not say what types of tapes were involved, or what format they used.
Have a comment on this story? Please click "Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.