The Register reported yesterday more stolen laptops; this time an Ernst & Young employee had a laptop containing personal information for IBM’s current and past employees stolen from his/her car. Traits similar to other laptops that have been lost or stolen: 1) The laptop was stolen from the E&Y employee’s car; 2) The data, including SSNs, birthdates and other personal information easily used for fraud and identity theft, was NOT encrypted.
This event apparently happened in January, but the IBM employees whose personal information was on the laptop were not notified until March.
There have been other E&Y laptops with personal information stolen and lost in the past.
When will companies learn to 1) Train personnel on acceptable physical security for mobile computing devices, and enforce policies addressing such requirements; and 2) Encrypt data on mobile computing devices?
Technorati Tags
lost laptop
personal information
privacy
privacy breach
stolen laptop