backtop

Print 16 comment(s) - last by patmcg.. on Mar 28 at 3:37 PM
Fidelity is the latest company to have sensitive data stolen

Fidelity Investments has said a laptop with the personal information of around 196,000 Hewlett-Packard employees was stolen from Fidelity.  The stolen data includes names, social security numbers, birth dates, and addresses for all of the HP employees on the laptop.  The company is working with local police to try and figure out who stole the laptop that was taken from a location that Fidelity has not publicly disclosed.  According to MarketWatch:

"We see no evidence of any misuse of the information," the spokeswoman said, adding that if Fidelity were to conclude that an unauthorized transaction had occurred as a result of the theft, it would reimburse participants for associated account losses.

Fidelity is the company responsible for managing retirement accounts for Hewlett-Packard employees.  Each person has been sent an e-mail and letter stating the situation in which they are all at risk of identity theft -- Fidelity has also offered a year's free credit monitoring to the vulnerable employees.  Another fear is that whoever stole the laptop may not have wanted the data, but will profit by selling the information on the black market.

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
encypted?
By puffpio on 3/23/2006 8:23:23 PM , Rating: 2
Lets hope that data was encrypted really well! I mean..dealing with sensitive customer data...and taking it offsite..you WOULD encrypt it, would you not?




RE: encypted?
By ThisSpaceForRent on 3/23/2006 8:29:21 PM , Rating: 2
Careful now you're starting to make sense.

I don't think it would matter anyway, if someone stole it they could just break the encryption. Account numbers can be changed, but that good ole social security number can't be, at least not easily.

Hell you have to bleed just to get them to replace the card if you lose it, and everyone knows that real Americans don't bleed. (That is a joke feel free to laugh at it.)


RE: encypted?
By Lifted on 3/24/2006 1:20:09 AM , Rating: 3
Well, considering that only a FVCKING RETARD would put all of that info on a laptop to begin with (what, Fidelity has no corporate security policies?), I'd say the chances of it being encrypted are nil.



RE: encypted?
By jskirwin on 3/24/2006 9:51:57 AM , Rating: 2
Careful. That retard is probably the CIO.


I doubt that this is standard policy
By Heatlesssun on 3/23/2006 11:34:05 PM , Rating: 2
Most big companies are starting to get very serious about this sort of thing, as the liability is huge. Even a large company could face serious legal chanlenges from the class action of 196,000 people.

The big company I'm at now requires ALL laptop and desktops have hard disk encryption. Also, taking sensitive customer information offsite can be a grounds for dismissal.




Wow, this is amazing!
By gotincon on 3/24/2006 12:19:32 AM , Rating: 3
You would think that having that amount of sensitive information would garner a bit of physical security. Having that information on a laptop is fine but then the laptop should be handled akin to how the US gov't or contractors handle classified data. It should be kept in a secure location (i.e. locked doors, guards) and kept in a locked safe when not in use. Access should be restricted to it (physically, not just passwords) and a log should be created anytime anyone uses it or opens the safe which it is in.

I bet this occurred because they had NOTHING like that in place. They probably don't even have any idea who has access to it. (Or they can narrow it down to a 100 people or so) Unbelievable. HP should sue the crap out of them. At least this merits a lawsuit versus spilling coffee on yourself and saying you didn't know you could be burned.


RE: Wow, this is amazing!
By hans007 on 3/25/2006 7:07:25 AM , Rating: 2
you know in the early 90s the US government and its contractors were stupid enough to send entire computeres from top secret areas directly to tech support where entire hard drives with say plans for how to i dunno build a jet fighter would be on the machine.

they probably likely to be doing things just as stupid relatively now.


Fine 'em
By DigitalFreak on 3/23/2006 9:48:49 PM , Rating: 3
I love this part: "Fidelity has also offered a year's free credit monitoring to the vulnerable employees." Every time a company "loses" information like this, they seem to think that a free year of credit monitoring makes it all better. What needs to happen is that that company is fined out the ass. Losing huge sums of money, along with the public embarassment, is the only thing that will make corporations take steps to keep shit like this from happening.




RE: Fine 'em
By Mant on 3/24/2006 12:10:48 PM , Rating: 2
Truer words were never spoke


By Darthvoy on 3/23/2006 8:38:49 PM , Rating: 2
Seems kinda fishy...you would think compamies would not store that sort of info on laptops.




By osalcido on 3/23/2006 9:39:30 PM , Rating: 2
yeah really... whats the point of lugging around employees personal info?

people are always paranoid about hackers taking your info... but i'd trust it to be sent from one computer to another via secured connection more than i'd trust some bozo to haul it around when he might drop it or forget it in the taxi


why, why, why, WHY, WHY!!!
By pmercier18 on 3/23/2006 9:45:29 PM , Rating: 2
WHY???? whould anyone take a laptop with 196,000 employee names, social security numbers, and other persornal information out of their building? I understand business meetings can take place outside the office, but why would you need all this information on ONE laptop? wouldnt it be safer to store on a server, and then log onto that server from a different location....duh...But hey, Fidelity did atleast fess up and is offering free theft monitoring(should that not just be givin and not offered?) and they agree to pay back any money that is stolen because of this.

But still...WHY would you store 196,000 employee's persornal information on one laptop and then take that laptop out of your secure building?




RE: why, why, why, WHY, WHY!!!
By IsDanReally on 3/24/2006 3:54:03 PM , Rating: 2
It's standard practice for American Fidelity. They put all the company employees information on a laptop, so the rep can come to the site and sign people up for 401k, accident insurance, section 125 plan, life insurance etc. Simple way for the bring the database to the people...all they need to bring is a laptop, printer, and signature capture device.


Plus or Minus...
By codeThug on 3/23/2006 9:48:59 PM , Rating: 2
"around 196,000 Hewlett-Packard employees"

Wouldn't that be pretty much "ALL" of them?




By breethon on 3/24/2006 6:00:36 PM , Rating: 2
If they are this good at security strategies...just imagine how good their investment strategies are! WOW....something new everyday.




Fidelity Investments
By patmcg on 3/28/2006 3:37:16 PM , Rating: 2
Almost all of the CEO's I met don't even know how to turn on a laptop, the whole mess doesn't add up. I am one of the lucky people who received a letter. Does anybody know any good privacy lawyers?




"There's no chance that the iPhone is going to get any significant market share. No chance." -- Microsoft CEO Steve Ballmer









botimage
Copyright 2012 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki