Posted on 06/20/2006 9:17:19 AM PDT by Kennesaw
Equifax: Laptop With Employee Data Stolen
By HARRY R. WEBER AP Business Writer © 2006 The Associated Press
ATLANTA Equifax Inc., one of the nation's three major credit bureaus, said Tuesday a company laptop containing employee names and Social Security numbers was stolen from an employee who was traveling by train near London.
The theft, which could affect as many as 2,500 of the Atlanta-based company's 4,600 employees, happened May 29 and all employees were notified June 7, spokesman David Rubinger said.
Employee names and partial and full Social Security numbers were on the computer's hard drive, though Rubinger said it would be almost impossible for the thief to decipher the information because it was streamed together.
"It would be very difficult to link this information and determine they were actual Social Security numbers in the first place," he said.
No other employee information was on the computer, he said, and there was no customer data on the computer.
Even so, the company has provided employees free access to its credit monitoring service, and it has encouraged them to put a fraud alert on their credit file.
The employee whose laptop was stolen, who was not identified by the company, has been disciplined for violating company policy, which prohibits storage of company information on a hard drive, Rubinger said. The information is supposed to be stored on the company's computer server. The employee was allowed to have access to the information because of his job, which Rubinger would not specify.
Authorities in Great Britain are investigating the theft, though the laptop has not been recovered, Rubinger said.
The disclosure by Equifax follows news that a laptop containing the Social Security numbers and other personal data of 13,000 District of Columbia employees and retirees was stolen.
That computer was stolen last week from the Washington home of an employee of ING U.S. Financial Services, according to officials with the company, which administers the district's retirement plan.
The laptop was not password-protected and the data was not encrypted, officials have said. ING said it was working with district police and had hired a private investigator.
The company has sent letters to all affected employees warning them of the possibility of identity theft. ING also said it would set up and pay for a year of credit monitoring and identity fraud protection.
Done. Next step?
Now maybe they'll make it easier to communicate with them about errors and identity theft.
I'm glad I'm not the only one.
I hope no one screws up their credit rating.
People need to encrypt their laptops, and any data sources that they remove from "work", or whatever qualifies as work these days.
Is there a fine for Companies that don't encrypt such important personal information? Seems if a company/organization leaves such data unprotected and it's stolen, they should be fined $500K minimum... maybe $1M.
You got that right.
Equifax, works to identify "credit worthiness" for individuals and employers and to assist both in maintaining "credit worthiness", and in this modern age "credit worthiness" is under seige through modern methods of identity theft, and Equifax looses the personal information on its own employees, through negligence. That's rich.
Someone is paying big bucks for this kind of data... this is no coincidence:
http://www.twincities.com/mld/pioneerpress/news/local/14811799.htm
http://www.philly.com/mld/philly/business/technology/14845242.htm
http://www.dailyindia.com/show/35351.php/Laptop-with-13000-identities-stolen
http://www.tmcnet.com/usubmit/2006/06/05/1669381.htm
So who do their employees call to put a fraud alert on their credit? :)
Oh, the Hugh Manatee...
One has to think there will be a massive class action lawsuit over something like this in the near future.
seems like they are targeted for this by criminal orginizations.
Not amusing....but amazing. All my information is registered with all 3 of these agencies. They are supposed to BE CAREFUL!! If my stuff is ever stolen....I will sue them.....
Yes, there shall be, but those can be dragged on forever. When a Company has SS numbers of customers, I would think somewhere in the laws would be a requirement that they take every possible step in protecting that (Federal) information. A criminal violation is what I'm wondering about.....
2,500 is a drop in the bucket. This must be the hot topic of the week.
"Equifax, works to identify "credit worthiness" for individuals and employers and to assist both in maintaining "credit worthiness",
You seem to be mistaken about the "mission statement" of Equifax. Their #1 mission is to avoid lawsuits. They seem to do this by avoiding any effort to be responsible for the "content" of their data. If they take any effort to "clean up" the known inaccuracies in their data, they then risk becoming liable for any remaining inaccuracies. However, if they make no effort to clean up the data, then they have less liability. It's their own version of "Don't ask, don't tell".
Who would be the fining agency and how would anyone prove that the stolen equipment wasn't encryped? What encryption would be required? Even a simple password is a form of encryption.
I can't figure out a legitimate reason for an employee to carry this information around with him or her - particularly US SS numbers in London.
seems to me when the federal government gave businesses the OK to use SS numbers for employee identification purposes, there must have been some requirements about their safekeeping... I just want to read those laws... I'm googling them for now... not making much headway yet though.
Is it just me or has there been a rash of these things lately? You have to wonder if it's a combined effort. Too many in a short span to be coincidence.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.