Isn’t it always a bit surprising when the (new) latest significant data breach happens at a tech company?

That’s been the case twice in the past week, first when IBM suffered a data breach when a number of data tapes fell from the back of a third-party vendor’s truck.

Later last week, that mantle was passed to Alcitel-Lucent, which lost a disk containing the PII of an unknown number of employees and retirees that was also in the possession of a partner at the time of the incident. Some reports have put the Alcitel-Lucent victim total as high as 200,000.

Jaime Chanaga of The CSO Board LLC was one of the first security bloggers to comment on the incident today. Here’s what he had to say:

“In this case, Alcatel-Lucent made an error in judgment in failing to implement basic information security technologies, such as data encryption, to protect the personal information on employees stored on any computer media leaving their facilities. This incident illustrates the fact that even technology savvy organizations can fail to protect sensitive information by ignoring the proper use of information security controls such as data encryption.”