The Federal Bureau of Investigation lost 116 laptops and discovered another 44 had been stolen in the last four years, according to a new report from the Justice Department’s Inspector General.
Those figures are significantly less than the 300 laptops lost and 17 machines stolen the Justice Department estimated in a 2002 audit.
Although the current figure is almost half the number of lost and stolen laptops uncovered during the 2002 audit, the finding is still a “significant deficiency,” the audit’s authors reported.
In the Inspector General’s report, which also investigated loss of FBI weapons, six of the laptops missing were used by the FBI’s Counter-Intelligence Division and one was assigned to the Counterterrorism Division.
However, the report said the FBI could not determine in many cases whether the lost or stolen laptop computers contained sensitive or classified information.
“We acknowledge more needs to be done to ensure the proper handling
of the loss and theft of weapons and laptops, and the information
maintained on them,” FBI Assistant Director John Miller said in a
statement.
Miller said the agency plans to increase “institutional and personal
accountability” to minimize the losses.
The new tallies come after a raft of lost or stolen laptops are sweeping the nation, triggering widespread fears of identity fraud even though the data contained on those laptops is neither accessed or used.
Major laptop theft cases, such as the machine taken from the home of a Department of Veteran Affairs employee that contained personal information on 26.5 million veterans, have also spurred Congress to demand more stringent data security regulations.
Steve Roop, vice president of products and marketing at laptop security firm Vontu, said 50 percent of laptops stolen contain
confidential data. Because data on laptops is so valuable now, people should be worried about such reports.
“You could move the entire citizen database to an 80-gigabyte iPod,” Roop told internetnews.com.
Following the VA data breach, the White House issued a data directive mandating government agencies institute laptop security practices within 45 days. Less than 10 percent of agencies have complied with the order, Roop said.