backtop

Print 11 comment(s) - last by sxr7171.. on Jul 4 at 2:17 AM
A notebook with personal information on donors in Texas and Oklahoma goes missing

It has been reported that three laptops were stolen from a locked storage closet in an American Red Cross office in Dallas, Texas last month.  One of the laptops stolen contains the Social Security numbers and medical history of blood donors.  The Red Cross, however, is not currently looking at the missing laptop as a security breach, according to the organization.  Police authorities and national Red Cross offices were notified after the laptops vanished.  Even though the Red Cross has no obligation to inform donors of the laptop theft, privacy experts have recommended that the organization informs donors immediately.

Because there was no forced entry into the offices, it is possible that an employee stole the laptops. However, a spokesman for that national American Red Cross office believes there is no reason to suspect employees at this time.

Red Cross officials have announced that the data was encrypted to ensure it would be harder for the information to be accessed.  Access to the encrypted files is time-and-date based, which means the information can only be accessed when there is a blood drive or the donor information is being uploaded to a central Red Cross server.

Recently, a notebook with data from more than 26 million US military veterans was stolen, but just recently returned. It is not clear yet how much data was on the notebooks missing from the Red Cross.

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
notebook theft
By Schadenfroh on 7/3/2006 9:26:09 AM , Rating: 2
Any of the conspiracy theorists think that all of these notebook thefts in the past year are related somehow? Like the theft of the veteran's database and several others (wasnt the FDA or something's database stolen?) I mean, even my local city hall was broken into the other day and hard drives were ripped out of of them that contained the social security number, names, and birthdates of all the voters in town.




RE: notebook theft
By rushfan2006 on 7/3/2006 9:32:20 AM , Rating: 2
In all honesty I, and this is scary to even say but I think its the truth, I think data theft be it laptops, running away with CD-Roms or whatever - has been going on for a while now.

Its just they are reporting it more since the VA story broke now its on everyone's radar as a "wow" story -- so the media is doing what they are in the business to do -- pushing the hottest topic because it what attracts readers.

I don't think it's happening more or less per say, I just think we are more informed about what is going on now.


RE: notebook theft
By headbox on 7/3/2006 12:14:06 PM , Rating: 2
Considering my brother, an Army Ranger, became an identity theft victim a week after a VA computer was stolen, I'd say it's pretty damn obvious what's going on.


So This is number ....
By Niv KA on 7/3/2006 11:49:04 AM , Rating: 2
This is stolen laptop with personal inforemation databases nubmer, well about 15. Who here is willing to go count all of them. It all started (I think...) with HP's employees on a laptop and went down since then! There was this bank, veterans, and many more. STORE IT ON A MAINFRAME, DESKTOP, ANYTHING HARD TO CARRY BUT NOT LAPTOPS!!! I sure don't want to see DT being jammed with more thefts when people start storing on PDAs or smaller devices. The only one where I can understand it being on a laptop is Red Cross so that is is easily transportable. Man, stolen laptops is becomeing a frequent thing nowadays.

-Niv K Aharonovich




RE: So This is number ....
By Niv KA on 7/3/2006 12:05:49 PM , Rating: 2
Ok so I looked back at the archives and found only 4 there, but I dont remember any laptops stolen last year, the year before or any other year, (though there was the flashdrives in afganistan, don't remember when though, but I think they were sold,) which means something is wrong :( , unless the person above me is right and its only now that we are getting the news!:|

I don't know why I'm asking this but what make and model was the laptop?

-Niv K Aharonovich


RE: So This is number ....
By sxr7171 on 7/4/2006 2:12:14 AM , Rating: 2
Yeah a nice Thinkpad with fingerprint reader and hardware based security might be nice to have.


By UsernameX on 7/3/2006 12:55:21 PM , Rating: 2
Not too long ago (probably about 3-4 months) my college sent out a letter telling us a laptop had been stolen which had stored all of our personal information, INCLUDING account information (IE Credit card numbers).

It's situations like these that I am more angry at the company not protecting infomation, then I am at the thief.

FFS we are entrusting our information to you so you can make a profit. I want to start signing contracts that state my information will be stored away and encrypted on a server, that only employees with a high level security access, can access. As it stands I'm sure some companys give any employee the rights to check on these laptops. And I'm sure in almost all of these cases it has been employees that have been stealing them.




By Lifted on 7/3/2006 3:11:35 PM , Rating: 2
Sometime last year there were stories in the news about data theft by overseas workers for Citibank (India call center). About a month after this incident, I called Citibank to find out something about my account, and the obviously Indian rep asked me for my SS# to verify my identity. I couldn't believe this guy was asking me this just a month after that news, and I thought it must have been as scam as surely Citibank wouldn't display my FULL SS# to random call reps, so I asked to speak to his supervisor. Sure enough, she said they see all of your personal data each time you call, not just the last 4 digits of your SS# as any business with common sense would have done!

I couldn't believe this was happening even after all the news buts it's clear that business just don't give a crap about the safety of your data if it's going to be an inconvenience or add great cost to their day to day operations. There are no laws stating how a company must protect your data, none. I have dealt worked with/for many companies in the insurance and healthcare fields that routinely give overseas developers complete access to customer account info, and when anything is brought up about security people just roll their eyes.

The only way to protect yourself is to actively check your credit once or twice a year. The people that have your information do not care about you or the security of your personal data. They only care to the extent that it doesn't add 5 seconds more work onto their day.


By sxr7171 on 7/4/2006 2:17:10 AM , Rating: 2
Yeah that isn't good at all. Corporations these days can utterly ruin your life and not give a hoot. We really need laws to protect us, but I really don't see that happening.


By masher2 (blog) on 7/3/2006 9:52:20 AM , Rating: 2
> Red Cross officials have announced that the data was encrypted...Access to the encrypted files is time-and-date based, which means the information can only be accessed when there is a blood drive or the donor information is being uploaded to a central Red Cross server....

I think probably the information wasn't natively encrypted, but rather simply stored in some password-protected timelock program.





By Brandon Hill (blog) on 7/3/2006 11:04:46 AM , Rating: 2
There are RSA devices that change the keys based on the time and data on a keychain device. Those devices are probably disabled until a blood drive is running...well, that is at least one working theory.


"If you mod me down, I will become more insightful than you can possibly imagine." -- Slashdot











botimage
Copyright 2012 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki