AP- Laptop with D.C. workers' data stolen

WASHINGTON - A laptop containing the Social Security numbers and other personal data of 13,000 District of Columbia employees and retirees has been stolen, officials said.

The computer was stolen Monday from the Washington home of an employee of ING U.S. Financial Services, said officials with the company, which administers the district's retirement plan.

<snip>

"For us, this is very unfortunate," she said. "But we're moving forward, we're very focused and committed to find any other laptops that don't have encryption software and to fix that. This incident revealed a gap."

Link: http://www.philly.com/mld/philly/business/technology/14845242.htm



***

A gap!? - seems more like a canyon in the industry these days

Looks like a dupe here - I only searched LBN prior to posting.

just a couple of weeks ago. http://www.va.gov/

This is bizarre. There is no excuse for two laptops with personal information being stolen in such a short period.

brought to DU's attention thanks to DU poster Roland


http://www.privacyrights.org/ar/ChronDataBreaches.htm



85,149,786.....the number of people affected by personal data being compromised.

organized effort to gain Total Information Awareness, or anything.

notofied me a few months back that a "third party" (I think it was a payroll management contractor) lost control of employee personal data. The details were vague, but they were concerned enough to give us a letter warning us to be on the lookout for suspicious activity.

I didn't see any mention of this in the news, and now I wonder how many other employers have "lost" their employees data in therecent past - without it's being mentioned in the news.

Me too.

I found the place I used to work for and am waiting to draw my pension from on that list! :scared: :wtf: !!!


:kick:

It changes rapidly, doesn't it?

Welcome to DU. :hi:

in last elections. Seems they find names/addresses of active duty in Iraq, send mail (marked Do Not Forward) to their homes while they are overseas. When mail comes back, they issue a challenge to that person's vote on basis that they weren't HOME to get the mail!

So, that HUGE data bank of vets AND 80% of active duty personnel goes missing. Within a couple days, Cheney is sure the GOP will win in Nov.

Connect the dots

http://www.democraticunderground.com/discuss/duboard.php?az=view_all&address=364x1443718

or government agency who didn't install encyryption software at least by six months ago should be liable. Any company or government agency who allows this data to go outside the doors of company or agnecy should be liable.

This is looking very stinky.

For lack of coherency of the who what where and why of it, I say it appears to be a plan to populate the database at Poindexters hub and outsourced operatives.

All the thefts whould be compiled, analyzed, and tracked.

being taken home? Shouldn't these be left in secure places?

What idiot had this laptop at home on MONDAY of THIS PAST WEEK - when the news of the VA theft (also, iirc, a lap top - with secure data - was stolen from a home)?????

I can see the need to bring a laptop home to help with work sometimes, but to be packing sensitive personal data around is just completely irresponsible.

They should have made it impossible for confidential live data to get onto a lap top in the first place. Having worked in the computer industry for over 16 years I am afraid this sort of disaster is getting more and more common. I blame the Management Consultancies who now seem to dominate the IT business as they generally obsessed with 'business process' not security. I fear that we will not see any improvement in this area unless corporate executives are made criminally liable for the loss and abuse of personal data in their company's possession.

(ING) - and in the story it says a similar breech happened (also on an unsecured laptop with data that was not encrypted) MONTHS ago - but folks whose data was compromised were not notified UNTIL LAST WEEK. I think that your point is well made, esp in light of private contractors doing outsourced work, where the data is just for one of many clients - rather than a department of the organization - in which case one's own personal data would be included in the same file (nothing creates a little more serious, than trying to keep one's own data secure.)

Outsourcers will always care less about your business than you do because at the end of the day you are normally just one part of their client base. If they foul up and lose the contract it is normally not the end of their world. You meanwhile might just go bust. If IT really is critical to a company's success then it should be run in house.

They should have made it impossible for confidential live data to get onto a lap top in the first place.

Virtual private networks, anyone? They make you access your data by accessing the actual server, which can't be stolen when you're not working with it. All a laptop thief gets is the laptop!

:headbang:
rocknation

(note the type of company this happened to and the attempt of the writer to downplay this some extraordinary facts)



Note when it was actually stolen, when the client was notified and when ultimately the public heard about it. Note that E&Y didn't even KNOW what data was on the laptop.

Obviously a THIS company, that is PAID to consult on IT security and audits, are far more interested in it's corporate liabilities than the public or even it's clients interests.

My cynical take: Some of this is being done on purpose...these are not mistakes or little lapses.

Simple Rule of Thumb:
In business, If the reward far exceeds the risks (come on down credit derviatives), then 'just do it'.

...because the information being stolen is in many cases worth millions and millions and the 'punishment': next to 'nil' -- it's by design.

It takes next to no organzing or risk in finding a 'vendor', whose out of town, bored at hotel bar, you pay a hooker to make him think he's a stud and then just do it...hell just imagine if you did this type of thing regularly for years in the service of an intelligence agency and then decided to 'contract' out.

and a lot of people happen to have online bank accounts (the "ORANGE SAVINGS ACCOUNT" with ING Direct as it is known. http://home.ingdirect.com/

They don't mention this at all in this story.

This is mentioned in the post at 11:33 PM last night!

http://www.chron.com/disp/story.mpl/ap/fn/3979736.html

June 17, 2006, 11:33PM
Laptop With D.C. Workers' Data Stolen

© 2006 The Associated Press
WASHINGTON — A laptop containing the Social Security numbers and other personal data of 13,000 District of Columbia employees and retirees has been stolen, officials said.

The computer was stolen Monday from the Washington home of an employee of ING U.S. Financial Services, said officials with the company, which administers the district's retirement plan.

The company has sent letters to all affected employees warning them of the possibility of identity theft. ING also will set up and pay for a year of credit monitoring and identity fraud protection, Campbell said.

<snip>

Two other ING laptops containing information on 8,500 Florida hospital workers were stolen in December, but the employees were not notified until this week, said ING spokesman Chuck Eudy. Neither laptop was encrypted, he said.

:dem: :kick:

I also would like to know why people are taking laptops with all this sensitive information on them home. And why this information is on the laptop in the first place. I would expect that all the sensitive information lives only on a server and the employees access it through a network or secure internet connection. And that there are safeguards to prevent tons of information being downloading to a computer.

I'd be checking into these peoples' financial situations. I would almost guarantee that these 'thefts' result in loads of money appearing in their accounts. Or the thefts never occured to begin with; the laptop just mysteriously disappeared into a dark corner of their house for malevolent purposes. It's happening too often to be mistakes; something else is going on here.

June 17, 2006, 11:33PM

WASHINGTON — A laptop containing the Social Security numbers and other personal data of 13,000 District of Columbia employees and retirees has been stolen, officials said.

The computer was stolen Monday from the Washington home of an employee of ING U.S. Financial Services, said officials with the company, which administers the district's retirement plan.

<snip>

Two other ING laptops containing information on 8,500 Florida hospital workers were stolen in December, but the employees were not notified until this week, said ING spokesman Chuck Eudy. Neither laptop was encrypted, he said.

more here:

http://www.chron.com/disp/story.mpl/ap/fn/3979736.html

I searched trying to find out if this story had already been posted. I found no record of it or the other thefts that occurred in December. I wonder if ING Financial Services is part of or one of the same as ING Direct where many people have online bank accounts located?

Note the time this story appeared. It almost missed LBN! Many people are doing business with ING as they have an online bank offering fairly high rates on their savings accounts (like 2-3% more than your regular bank).

:scared:

On edit: It is the same financial services as ING Direct known for their "Orange Savings Account". This link here takes you to a page that has a link to their site for the savings account they offer:

http://www.ing-usa.com/us/index.htm

:dem:

U.S. OUT OF IRAQ!

are stealing it just going to spread out their theivery over a larger portion of the populations sho that it is not as noticeable? Or are there more sinister reasons for doing so? Total Information Awareness doesn't want to leave a paper trail?

another one from "Florida". Gives me the creeps. If I had a bank account online with ING I'd close the sucker out ASAP. I checked them out and was advised of a serious security problem. It was easy to see it when pointed out.

Luckily, I never opened an account with them. I did have one at another online bank but closed it out.

Sooner or later they will get everyone. Why and for what purpose is not yet known. It is very upsetting at best.

People need to very highly concerned about this and demand answers about it, not a bunch of form letters! :grr:

:kick:

from a dumpster.. easier to find the lap top and steal it... another question again.. why are these computers so unprotected... time to do away with the s.s. numbers.. they are too easy to gain access to and too easy to reproduce.

the GOP is behidn these reams of data going missing. Caging lists, cntributor lists, et al

Hey after the Vet one went missing I got a call from a Repuke running for the Central Committee of the local party. Folks I am an indepenenent. I cannot vote for central comittees of EITHER party... his opening line, we suport vets... boy, oh boy, oh boy better than my morning coffee, I tore into him.

That said, folks this has told me that they were stolen by GOP operatives... now proving it is a whole different matter

I don't want to appear 'tin foil,' but it seems to be more than co-incidental.

Through the years, the "type" of white-collar "THEFT" (often tied to this Admin.) has become more sosphisticated. In the 80's, it was Neil Shrub's "VAST (UNPUNISHED) theft" of Savings & Loans...last year after Katrina, billions "disappeard" into the pockets of private contractors (via FEMA & Red Cross help)...instead of going to the deserving victims of Katria. And of course, the billions, trillions of EVERY MAN's "money" "disappearing" daily via cash hand-outs TO and BY contractors in this illegal war.

I liken this massive theft of "I.D." (including a few months ago), the SS#'s, etc. of Senate/Rep employees... only the BEGINNING of a plan to "steal" money and identities DIRECTLY form HUGE groups of Americans...either to use that data to "change OUR votes" in future elections, or to STEAL directly from our bank accounts (kind of a sophisticated, updated Savings & Loan theft plan engineered by Neil Shrub in the 80's).

None of us are immune to "identity theft." And the large number of these "thefts" of SS#'s and I.D. of all sorts of people in all sorts of huge groups demographically indicates the future "planning" of a "theft" of a larger sort from many or most of us...be it our "I.D." or DIRECTLY from our bank/savings accouts.

And I do NOT believe the theft will be done by "little", small time thieves. What we're talking about at this time (given the amount of D.C.-based loss of personal data)...we're talking BIG-TIME powers-that-be theft of stealing from the poor (on a MUCH larger scale, and giving to the already Rich)...what has not already been "stolen" through the increased taxes to the poorer, and decrese in taxes to the Rich.

Information to create a file on every single US citizen.

http://www.marketwatch.com/News/Story/Story.aspx?dist=newsfinder&siteid=mktw&guid=%7B5EB7D976%2D2922%2D4E99%2D9F6E%2DB1F323A884FA%7D&symbol=

SAN FRANCISCO (MarketWatch) -- The Social Security numbers and other personal information for 13,000 District of Columbia workers and retirees are now in the hands of thieves who reportedly stole a laptop from the home of an ING U.S. Financial Services employee last week, the company confirmed.

ING U.S. Financial services, a subsidiary of Amsterdam-based ING Groep, N.V. (ING : 37.04, -0.15, -0.4% ) , manages the District's retirement plan, and notified the city on Friday of the laptop theft. The laptop was stolen from the home of an ING financial adviser and agent responsible for overseeing the District's retirement plan.

The theft was reported last Monday, but ING took the ensuing days to confirm details of the crime and ascertain what information was stored on the laptop, Caroline Campbell, an ING spokeswoman, said.

The company is mailing letters on Monday to the workers and retirees whose personal data was stored on the computer, and will pay for a year of credit monitoring and identity-theft protection, Campbell said.

...more...

They're pretty cheap retail, I can't imagine they go for much on the street.
The information is the target, are all these thefts coordinated I wonder?
Corps/Gov need to wise up with their data security and we need to start holding them liable.

Perfectly good laptops can be found for $500 brand new these days. So all these recent "thefts" has me wondering if it is part of a plan for some future "caging" or other criminal antics by republicans in either this election, or in 2008 when the hangman's noose might well be waiting for more than a few.

weird, if not anything else, it is weird.

I envision McDonald's golden arches:

Over 88 million stolen.

http://www.privacyrights.org/ar/ChronDataBreaches.htm

88,347,279

I used to work for a medium-sized mail order company which jealously protected its mailing list. Near the end of my time there, my boss found out that a disgruntled (if you're happy, are you gruntled?) former employee had copied the list before leaving the company and sold it to a competitor. My guess is that this kind of thing happens ALL THE TIME with personal information--credit card numbers, social security numbers, you name it--if it's out there, somebody's going to be tempted to sell it to the highest bidder. The "stolen" government laptops are just the instances we know about.