RealTime IT News

GE Employee Data Stolen From Laptop

More than 50,000 General Electric former and current employees face the risk of identity theft after learning a laptop computer containing personal data was stolen earlier this month.

"The laptop was stolen from a locked hotel room, we believe it was a random criminal act," Russell Wilkerson, a GE spokesperson, told internetnews.com.

Wilkerson said "evidence suggests the laptop was stolen for its physical value rather than for its content." The spokesman wouldn't elaborate.

Though Wilkerson did not identify the employee nor the hotel's location, he said the data was being used in a project. "We are considering disciplinary action."

GE learned of the theft earlier this month, only after determining recovery was not imminent, and notified the affected employees Sept. 22.

In the letter, GE offered free one-year identity theft monitoring and credit checks.

Additionally, GE said it was assessing its procedures to safeguard personal information. Despite no data encryption and using only a password, the company has "strict policies in place for laptop and data security," according to the spokesman.

The news from GE comes on the heels of word from the Department of Commerce, which said more than 1,000 laptops are missing, 249 of which contain personal data.

In August, Unisys and the Veterans Administration (VA) reported a desktop computer was lost, leaving up to 38,000 veterans at risk identity theft.

"We are at a juncture," said Joe Wilcox, analyst at JupiterKagan. "Companies are allowing more mobile devices without putting in place firm policies to protect the data," he said.

Laptops containing business data and employee records are often brought home where the computers can be infected by spyware, Wilcox said.

In May, a laptop containing the personal data of 26.5 million vets was stolen from a VA employee's home.

Though the computer was recovered from two teenage thieves, the incident prompted the creation of the White House Identity Theft Task Force.

But attention to laptop thefts is a "distraction," according to Dave Taylor, vice president of data security strategies at Protegrity.

"We pay more attention to laptop theft than we need to and less on data theft," Taylor told internetnews.com.

A survey by AuthenTec, a biometric security firm, found 73 percent of consumers are concerned about ID theft, yet more than half of the 2,000 U.S. residents polled said they are not taking steps to prevent the practice.

Taylor said "there is a relatively low probability of ID theft" from stolen laptops. Laws concentrating on theft of property miss the mark.

"You're gonna stand a lot more chance of ID theft if what was stolen was data," he said.

Taylor said he's amused by laptop thieves: "No one is accessing the data."

Thieves are like IBM in the 1970s, said the security expert. "They are hardware guys. While the data carries much more value, thieves will likely be stopped by a simple password and sell the laptop for $100, he said.