Visit www.barracudasecurity.com

Visit www.barracudasecurity.com

Legend

Location Of Theft in AQUA BLUE
URL Of Linked Article In STEEL BLUE or GREEN
Full Content Of Article In BLACK
Theft Description In Body Of Article in RED

Monday, June 19, 2006

FLORIDA COMPUTERS STOLEN FROM JACKSON HEALTH SYSTEM http://www.miami.com/mld/miamiherald/business/14835221.htm

Jackson Health employees' personal data at risk
BY MONICA HATCHER
mhatcher@MiamiHerald.com

Jackson Health System informed 8,500 employees this week their personal information may be at risk following the theft of two laptop computers seven months ago.

The computers, belonging to financial services provider ING, contained information gathered during a voluntary life insurance enrollment drive in December and included names, birth dates and social security numbers.

''We are relatively certain the computers were stolen for their hardware value and the personal information was not accessed,'' said Chuck Eudy, a North American spokesman for ING, based in Amsterdam, Netherlands.

An inventory review at the company's Minneapolis office revealed the laptops were missing in late December, but employees didn't realize they contained sensitive data until about three weeks ago, Eudy said.

Jackson Health was notified of the possible data breach two weeks ago and sent letters to its employees this week.

The Jackson Health incident comes amid a spate of recent laptop thefts that have put the personal information of millions of Americans at risk and reveals the particular vulnerability of portable computing devices.

Last month, the Veterans Affairs Department announced that personal information of 26.5 million veterans was endangered after a laptop and disks werestolen from an employee's home. In Texas, a contractor lost equipment containing information of 1.3 million people who borrowed money through the Texas Guaranteed Student Loan Corp.

The ING laptops were password protected, according to Eudy, but the data was not encrypted. Encryption protects information by scrambling it into indecipherable code. Eudy said ING had begun adding encryption software to all of its laptops, but due to the large number ofcomputers in their inventory, the company had not yet reached the two that contained the Jackson Health data.

On allowing more than six months to lapse before realizing the stolen computers contained sensitive information, Eudy admitted to a flaw in the process.

''It was very disappointing to us that it happened,'' he said. ``[The theft] was viewed as a hardware issue, when it really should have been viewed as a data security issue.''

ING is offering a credit monitoring service for Jackson Health employees for a year for those who sign up. The protection service also provides expense coverage should an employee fall victim to identity fraud.

Posted by Nodrog at 8:40 AM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)