Laptop theft exposes data of 106,000 US taxpayers

Connecticut state officials in the US have acknowledged that an employee laptop containing thousands of taxpayer names and social security numbers was stolen about two weeks ago, but said there was no indication that the information had been used for fraud.

Sarah Kaufman of the state revenue department said the news had been delayed to give staff time to determine what was on the laptop and who might be affected.

According to published reports, the affected taxpayers will be notified by letter. A web site has also been set up for citizens to find out whether their personal data was stored on the laptop.

Misplaced or stolen laptops have become a growing security problem. The biggest case of personal data being exposed to possible fraud due to such an incident occurred at the US Department of Veterans Services (VA) last year, when a laptop computer housing the personal data of 26.5 million veterans and about 2.2 million active duty personnel was stolen from the home of a department employee. The laptop was eventually recovered.

News source: Computer Weekly

Report a problem with article
Previous Story

MSN Messenger vulnerable to 'highly critical' webcam flaw

Next Story

Microsoft Remains Silent on AutoPatcher

7 Comments

Commenting is disabled on this article.

why dod poeple still keep sensitive data on laptops, how many times does it have to happen before people realise to keep this stuff on their servers in locked down server rooms, do these people have no idea of security

They should just lock down the laptop so no files can be saved to it. All work should be VPN'd in and dealt with directly on the servers.

There's no excuse for carrying data like this when it is easily accessible via VPN.

Fire the employee. Fire the IT security team.

Sue the cr@p out of the state.

Just maybe other states and companies will begin to get the point.

Rohdekill said,
They should just lock down the laptop so no files can be saved to it. All work should be VPN'd in and dealt with directly on the servers.

There's no excuse for carrying data like this when it is easily accessible via VPN.

Fire the employee. Fire the IT security team.

This is PRECISELY why VPN exists for crying out loud. So that the local machine does not host confidential information...period. It's also why the password can't be saved automatically for secure sockets/vpn, etc. As long as these issues are covered, anyone stealing the laptop can't access the data directly or remotely until long after IT has disabled and then replaced the account in question for the careless (or ripped off) owner.

Have these companies never heard of encryption??

Let me see.... give a laptop to an employee, let them load it up with sensitive data, poke your head in the sand and pray it doesn't get stolen, if it does then just offer some wishy-washy statement that it's not really as bad as all that.