Aces High Bulletin Board
General Forums => The O' Club => Topic started by: Krusher on March 24, 2006, 09:10:21 AM
-
We were just informed that the company that runs our 401k had a laptop stolen with our personal data on it. It was bad enough they had an unprotected system stolen, but why the hell did they have our pesonal data on a laptop in the first place?
Our names, address, ss#s, phone numbers, account balances, compensation amount all were part of the information on this idiots notebook.
-
Call your bank and and investment companies to have your accounts monitored. I don't know if there is much else that you can do.
-
If anyone suffers any financial losses, or other effects of ID theft, get a lawyer. The company is obliged to protect that data, and can possibly be liable for failing to adequately protect it.
And, start documenting everything right now, beginning with that memo.
Good Luck
-
Originally posted by Goomba
And, start documenting everything right now, beginning with that memo.
That some good advice right there.
-
I bet it was an islamamist. Those thieves would steal anything that could conceal a bomb.
-
in Britain (britian to americans) we have a thing called the Data Protection Act, so people cannot hold your details without your permission.
-
Originally posted by Furball
in Britain (britian to americans) we have a thing called the Data Protection Act, so people cannot hold your details without your permission.
Um....we Americans spell it "Britain" too.
-
Originally posted by Krusher
We were just informed that the company that runs our 401k had a laptop stolen with our personal data on it. It was bad enough they had an unprotected system stolen, but why the hell did they have our pesonal data on a laptop in the first place?
Our names, address, ss#s, phone numbers, account balances, compensation amount all were part of the information on this idiots notebook.
This is occurring with more frequency. Employees are taking their work home with them to finish up after hours projects or to telecommute.
We've had two laptops in my area that have been stolen from a medical facility with gobs of patient information on them. A clear violation of a little thing we in the US call HIPPA. A few big fines from the government and a couple big law suits and companies will get the hint.
Any laptop that has client information on it in my company is encrypted, in case a similar situation arises. I don't think it will be too much longer before all companies take similar steps.
Hopefully the thieves will be clueless as to how to get to your information. Best of luck to you.
-
Originally posted by Furball
in Britain (britian to americans) we have a thing called the Data Protection Act, so people cannot hold your details without your permission.
sweet. that will stop laptop theives from posessing your data, as they obviously respect the law.
-
That should company should be sued out of existence to be so inept to allow anyone to place trusted data on a portable computer.
Protecting trusted data is a matter of discipline and process. Anyone putting trusted data on a laptop simply means there is no process, nor discipline in place. The IT department should be fired, in its entirety, from the top down. Idiots.
-
So far half the information isn't any good.
-
The worst part is, the protocols and procedures for securing data have been around forever.
I remember being instructed in the matter way back in the early 90's when we first started getting the things.
Hell, I almost got hit in the security line at the airport by a bump-n-grab (Perp1 watches metal detector line, waits for laptop guy, signals Perp2, causes mild distraction while laptop travels to the secure side where Perp2 is waiting to pick 'er up and walk away non-chalant). Spotted it happening, caught Perp2's eye and pointed directly at him as he was approaching. He did an about face and took off, and his pal was gone when I turned around. (Remember, this was pre-911. Today would probably be different)
If the company does have protocols that weren't followed, you could hit the guy personally, too. Some kind of reckless disregard thing, perhaps.
I agree with Skuzz...no excuses these days. Data Security is no secret. And to be frivolous with financial and identification data?
He's right...bag the lot of 'em, for Monumental Stupidity.
-
Here's a guide that should help.
http://clarkhoward.com/shownotes/category/8/36/243/375/
-
If Boeing can do that, why not others.
Funny thing is my last contract was over 8 years ago and they still had my SSN, bank account #, etc, all unencrypted on some stupid laptop.
All I got was 1 year free credit monitoring....
-
Originally posted by Tarmac
sweet. that will stop laptop theives from posessing your data, as they obviously respect the law.
Originally posted by Krusher
It was bad enough they had an unprotected system stolen, but why the hell did they have our pesonal data on a laptop in the first place?
Sorry, i wasnt trying to be a smartarse or anything, i was just referring to the above. As far as i know they do not have something like this in America. (why so much junk email originates from there)
Data Protection Act (http://www.opsi.gov.uk/ACTS/acts1998/19980029.htm)
-
If we don't have the Data Protection Act here in America, then sombody in Washington needs to look up from his Iraqi war paperwork and get to work. ( not mentioning any names here.....bush )
-
Thanks for the tips guys,
I am surprised this han't made the news yet considering the company is fidelity investments.
I just recieved their overnight letter explaining the situation. It was stolen March 15th, we were just notified 8 days later! By now they thieves have had time to sell what they wanted. There is supposedly a software license that expired and made the data "difficult to interpret". I doubt the thieves waited very long to examine the contents, and difficult is not impossible.
We have been told to contact the credit reporting companies and put fraud alert on our listing and check use our one free credit report to look for unusual accounts.
This is crap I have made every effort to keep my personal information safe and in what can only be described as an idiotic act they gave it away by putting it on a laptop.
-
Originally posted by Skuzzy
That should company should be sued out of existence to be so inept to allow anyone to place trusted data on a portable computer.
Protecting trusted data is a matter of discipline and process. Anyone putting trusted data on a laptop simply means there is no process, nor discipline in place. The IT department should be fired, in its entirety, from the top down. Idiots.
when I found out it was on a notebook I was stunned at the stupidity. I am waiting to see what my company is going to do to support us but so far they have kept pretty quiet other than warning us it was stolen.
-
You should also put out a fraud alert with the big three credit companys so that if anything does happen you have notified them.
There have been 2 instances when our information has been stolen (Bank and Healthcare company)...both times we were advised to put the fraud alert with the credit companies.
In addition...we put fraud alerts on our CC's, Bank accts, investment accts, etc and established verbal passwords with each company.
I know this is a really crappy situation for you. HOWEVER, you have to take action on your part to prevent something dire from happening.
I am very sorry to hear what happened. BTW...I would be going after that "investment" guy that lost your information...my lord on a laptop??? Where was it stolen from? If the laptop was for company use only aka in the brick and mortar building and secured like desktops are then so be it...in addition that information should be on the SERVER and not the personal hard drive in my opinion.
-
i heard it was only HP employee data, i have accounts with fidelity and did not get a letter.
-
I'm sure you gave them permission to have your information wherever they wanted to put it, so they haven't done anything wrong here.
Right Mav?
-
Urchin,
I think I hear your mommy calling you to balance your checkbook for this year. :rolleyes:
-
Originally posted by guttboy
You should also put out a fraud alert with the big three credit companys so that if anything does happen you have notified them.
I did that last night, thanks
-
Hey there Deputy Fife, where is his lecture about taking responsibility for his information?
Or don't your amigos get em too?
-
Originally posted by Urchin
I'm sure you gave them permission to have your information wherever they wanted to put it, so they haven't done anything wrong here.
Right Mav?
I think theres companys out there that collect personal information weather or not you give them premission to do so, I bet someday were all gonna be sitting watching the news and see a company that has personal information that their not supposed to keep get busted because of some security risk that went haywire.
-
See Rule #4
-
Kinda sad really... yer bare assed nekkid as far as 'protection' goes. Data Mining, ChoicePoint, Homeland Security..
ANY concept on your part that your personal info is 'secure' is utterly ludicrious.
The fact that somebody swiped a laptop with those bits of personal data on it pales in comparison to the shocking reality that for a modest fee ChoicePoint can tell yah things about yerself, yer family, yer friends, contacts, business and personal habits and health you probably already forgot about.
But they didn't.
'Privacy' is nonexsistent.