Yet another laptop theft: Agilent warns 51,000 workers of potential data compromise

Latest News | News Archive |

Posted by: Tweaker
Date added: 23:10, 25th March 2008 GMT
Source: Computer World News

In what is becoming an increasingly familiar story these days, the theft of a laptop PC containing unencrypted confidential data has prompted yet another organization to issue a warning notice to tens of thousands of people.

In the latest incident to come to light, the data breach notification came from Agilent Technologies Inc., a Santa Clara, Calif.-based maker of test and measurement equipment. Agilent last week completed the process of sending letters to 51,000 current and former employees to inform them that some of their personal and financial information may have been compromised.

The breach notices were sent out following the theft of a laptop from the car of an employee at Stock & Option Solutions Inc. (SOS), a stock-plan management services firm that works for Agilent as a third-party contractor.

The data, which was stored in an unencrypted form on the laptop, included the names, addresses, Social Security numbers of the affected individuals as well as financial information related to their Agilent stock options, said Amy Flores, an Agilent spokeswoman.

According to Flores, Agilent requires all vendors and services providers that handle employee data to encrypt the information when it is stored on laptops and desktop PCs. "It is absolutely required here," she said, noting that Agilent officials were "very surprised" to find out that the data on the stolen SOS laptop wasn't encrypted.

Flores said that SOS reported the theft to Agilent on March 4, and that the company within 48 hours began contacting current employees via e-mail to notify them of the potential data compromise. After that, Agilent began working to alert all of the former employees who were affected by the breach, she said.

Just yesterday, the National Heart, Lung and Blood Institute (NHLBI), which is part of the National Institutes of Health, said that a laptop containing unencrypted personal and medical data on about 2,500 participants in a cardiac study had been stolen from the locked trunk of the car of one of its employees.

The potentially compromised information in that incident included names, birth dates, hospital medical record numbers and medical data from cardiac MRI reports, such as heart measurements and diagnoses, according to a statement issued by the NHLBI.

Such thefts have prompted security analysts to advocate that users encrypt all data stored on laptops, desktop PCs and removable storage devices.

Indeed, after a laptop and external hard drive containing the personal data of 26.5 million military veterans and active-duty personnel were stolen from a worker at the U.S. Department of Veterans Affairs in 2006, the federal government first recommended that agencies encrypt all sensitive data on laptops and then made it an official requirement. And several state statutes, such as California's SB 1386 breach notification law, include safe-harbor provisions for companies that encrypt their data.

  Tools: Post a comment | Link to this news item | Send to a friend | Submit News

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!    Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.

[  To top | Latest News | News Archive | ]