More than 50,000 General Electric former and current
employees face the risk of identity theft after learning a laptop
computer containing personal data was stolen earlier this month.
“The laptop was stolen from a locked hotel room, we believe it was a
random criminal act,” Russell Wilkerson, a GE spokesperson, told
internetnews.com.
Wilkerson said “evidence suggests the laptop was stolen for its
physical value rather than for its content.” The spokesman
wouldn’t elaborate.
Though Wilkerson did not identify the employee nor the hotel’s
location, he said the data was being used in a project. “We are
considering disciplinary action.”
GE learned of the theft earlier this month, only after
determining recovery was not imminent, and notified the affected
employees Sept. 22.
In the letter, GE offered free one-year identity theft monitoring and
credit checks.
Additionally, GE said it was assessing its procedures to safeguard
personal information. Despite no data encryption and using only a
password, the company has “strict policies in place for laptop and
data security,” according to the spokesman.
The news from GE comes on the heels of word from the Department of
Commerce, which said more than 1,000 laptops are missing, 249 of which contain personal data.
In August, Unisys and the Veterans Administration
(VA) reported a desktop computer was lost, leaving up to 38,000 veterans
at risk identity theft.
“We are at a juncture,” said Joe Wilcox, analyst at JupiterKagan.
“Companies are allowing more mobile devices without putting in place
firm policies to protect the data,” he said.
Laptops containing business data and employee records are often
brought home where the computers can be infected by spyware, Wilcox
said.
In May, a laptop containing the personal data of 26.5 million vets
was stolen from a VA employee’s home.
Though the computer was
recovered from two teenage thieves, the incident prompted the creation of the White House Identity Theft Task Force.
But attention to laptop thefts is a “distraction,” according to Dave
Taylor, vice president of data security strategies at Protegrity.
“We pay more attention to laptop theft than we need to and less on
data theft,” Taylor told internetnews.com.
A survey by AuthenTec, a biometric security firm, found 73 percent of
consumers are concerned about ID theft, yet more than half of the
2,000 U.S. residents polled said they are not taking steps to prevent
the practice.
Taylor said “there is a relatively low probability of ID theft” from
stolen laptops. Laws concentrating on theft of property miss the mark.
“You’re gonna stand a lot more chance of ID theft if what was stolen
was data,” he said.
Taylor said he’s amused by laptop thieves: “No one is accessing the
data.”
Thieves are like IBM in the 1970s, said the security expert. “They
are hardware guys. While the data carries much more value,
thieves will likely be stopped by a simple password and sell the
laptop for $100, he said.
