NEW YORK JP MORGAN CHASE AND BANK ONE LATEST VICTIMS OF COMPUTER STOLEN FROM TOWERS PERRIN The Columbus Dispatch - Business:

Laptops with Chase data stolen
Retirees, ex-employees told last week about theft
Wednesday, February 21, 2007

Denise Trowbridge
THE COLUMBUS DISPATCH

The personal information of tens of thousands of JPMorgan Chase and Bank One retirees and former employees has been stolen.

Five laptop computers containing the Social Security numbers, names, birth dates and other personal information of some former Chase workers were stolen from the Manhattan office of Towers Perrin.

Towers Perrin is a benefits-consulting firm that Chase hired as a subcontractor.

The banking company isn’t sure how many workers are affected, said Chase spokesman Jeff Lyttle, but several thousand former employees received letters last week notifying them about the theft.

Chase, which acquired Bank One in 2004, employs about 14,000 people in Columbus.

There is "no indication that any of this information has been used inappropriately," Chase spokesman Tom Kelly said, and the theft will not affect the delivery of pension benefits to Chase or Bank One retirees.

The stolen laptops also contained personal information of employees and retirees of several other Towers Perrin clients, including United Technologies Corp. in Hartford, Conn., and Altria Group, the parent company of Kraft Foods and Phillip Morris.

The laptops were stolen Nov. 27 from a locked computer room, Towers Perrin spokesman Joseph Conway said. They remain missing.

Former Towers Perrin employee Dewayne Rivers was arrested Dec. 28 in connection with the theft. Rivers has been charged with grand larceny and is awaiting trial in April, according to court records.

Since January 2005, more than 104 million personal records of U.S. citizens have been stolen.

Laptop theft is the leading source of data theft, accounting for 40 percent of incidents of stolen personal information. That amounted to about 30 million records in 2006, according to the Privacy Rights Clearinghouse, a nonprofit consumer group in San Diego, Calif., that tracks data breaches.

Companies see laptops as a boon to productivity, said Beth Givens, director of the privacy-rights group.

But the data on laptops often aren’t properly protected or encrypted, she said. "It makes me wonder if companies care about security at all."

The Towers Perrin laptops had two layers of password protection, Conway said.

Data theft has become a hot topic in recent years as consumers begin to realize they have no control over where their information goes, Givens said. And, when data are stolen, it’s the individual’s responsibility to make sure they aren’t a victim of identity theft.

Towers Perrin is providing one year of free credit monitoring to those affected by the laptop theft.

This is the latest in a series of data breaches affecting central Ohio.

Last month, Nationwide said tapes containing the personal health-care information of about 28,000 Nationwide Health Plans customers werestolen from a subcontractor’s office in Weymouth, Mass.

A week earlier, TJX Cos., the parent company of TJ Maxx, Marshalls and A.J. Wright stores, said it was investigating breaches of its credit-card, debit and check-transaction databases, where hackers allegedly obtained unencrypted customer-account information. TJX Cos. has about 10 stores in Columbus.

dtrowbridge@dispatch.com