RSSData Loss Puts HP Employees At Risk
By Ed Oswald | Published March 23, 2006, 11:15 AM
Fidelity Investments disclosed Wednesday that a laptop carrying personal information on 196,000 current and former employees of Hewlett Packard was stolen last week. The incident apparently occurred while Fidelity employees were working at an off-site location.
Information on the laptop included names, addresses, social security numbers, dates of birth, and employment information. PINs for the employees' Fidelity accounts were not part of this data. However, the amount of information lost is likely more than enough to pose a potential identity theft threat.
As an additional feature to protect data on these machines, Fidelity adds a special application that encrypts data after an expiration date. According to the company, this application expired the day after the laptop was stolen.
The authorities have been alerted to the loss, Fidelity said. It is likely that the laptop itself was stolen with little regard for its contents, which would likely be deleted anyway to resell the machine, authorities say.
Fidelity said that it had not received any reports of potential data misuse. Both companies are now alerting affected employees, and Fidelity will offer those individuals free credit monitoring for a period of one year.
Data loss is becoming an increasingly bigger problem. Nearly 53 million personal records have been exposed in the past year or so in incidents like this, says the Privacy Rights Clearinghouse.
However, by the same token, studies have shown in most cases, much of the data is never used. This is due to the amount of time it takes to apply for credit accounts, which is usually on the order of 10 to 15 minutes per application.
Goes to show that out sourcing is not all its cracked up to be!
Score: 0
"Sensitive data" and "laptop" should NEVER be used in the same sentence. Stupid. Totally stupid. F.I. should have known better. I'm really losing faith that hope exists for a common sense approach to data security. All the technology in the world, and someone still thinks it necessary to tote around in the open.
Score: 0
I have a relative who works for HP; they sent him this email:
"This is to let you know that Fidelity Investments, record-keeper for the HP retirement plans, recently had a laptop computer stolen that
contained personal information about you, including your name, address,
social security number and compensation. Fidelity is sending a formal notice to you today about this matter in a priority mailing to your
address on record. In the meantime, we wanted to let you know that a
copy of this notice is now posted on the Fidelity NetBenefits(r) site
in the News section on the right
hand side of the home page. The notice includes some immediate steps
that you can take to protect yourself, as well as information about how to enroll for a 12-month period of credit monitoring at no cost to you and a Fidelity call center number in case you have additional questions."
End quote.
It just boggles my mind that these multinational companies spend millions and millions of dollars on advertising and stupid sh** like that, yet they hire ignorant bozos to handle their security.
It's way past time for the government to step in and start handing out prison terms and severe fines for these totally preventable security lapses. Financial punishment is the only thing these companies understand. Offering one year of free credit monitoring is a joke and in no way makes up for the huge risks they placed these people under. Identity theft can take years to recover from and it is not always possible to restore one's good name and credit rating.
Score: 0
That data should NEVER have been on a laptop. The person(s) responsible need to be prosecuted.
Score: 0
"Shoot him or something" Quoted from da f** in da star wars. :P
Score: 0
why would all that data be on a laptop? they should use a remote server that the laptops can link to to get the information that would be better security wise
Score: 0