FTC laptops stolen, 110 people at risk of ID theft

http://today.reuters.com/news/newsArticle.aspx?type=technologyNews&storyID=2006-06-22T221821Z_01_N22408759_RTRUKOC_0_US-CRIME-FTC.xml
These guys are all clowns. Our privacy and information is so unimportant to them, they just leave it lying around :grr:

WASHINGTON (Reuters) - The Federal Trade Commission, responsible for protecting Americans from fraud and identity theft, reported on Thursday the theft of two of its own computers with personal information about 110 people.

The incident was the latest in a series of recent thefts and data breaches involving government computers.

The Veterans Affairs Department said last month an external hard drive containing information on 26.5 million veterans was stolen. The Energy Department discovered personal information about 1,500 employees and contractors was compromised in a cyberattack, and the Agriculture Department said a hacker may have obtained data about 26,000 of its workers.

The FTC laptops belonged to staff attorneys who were using them to prepare an enforcement lawsuit, said Betsy Broder, the FTC assistant director for privacy and identity protection.

The computers, which were password-protected, contained names, addresses, Social Security numbers and some financial account numbers. The laptops were stolen from a locked vehicle last week.

http://www.privacyrights.org/ar/ChronDataBreaches.htm

88,348,579 as of June 16th.

disaster that keeps happening over and over.....the laptops cannot leave the building....see how easy that was....no laptops leave government buildings ever......I think criminal charges need to start happening.........

there are many software doing it (pointsec, pgp, safeboot, etc...)
and vista will come with bitlocker, there will be no more excuse...

just desktops/towers locked to the desk.

Laptops are for things like storage of media or stuff you need for PowerPoint demos, government reports, things like that.

"No laptops" is a bit extreme and unprofessional.

Like I said, something stinks here. Private institutions don't carry your personal info around on a laptop, so why would the government?

If i.d. theft and the buying and selling of your personal information is a problem, it is one that long preceded these news stories that are suddenly and curiously leaking out.

I remember back in 1991, when a friend and I created some joke records in a database that was intended for 'test' records and which was inadmissible to the public.

Someone outside of the institution got hold of these records. I'm sorry, I just don't find it plausible that identity theft and theft of computer records is a relatively recent problem. You don't think greedy thugs and egotistical right-wingers wouldn't think they could seize that stuff as soon as computer databases became common?

I mean, if I were an ambitious, power hungry and greedy fascist, I would try to steal that stuff. These stories make it sound as if this is only a problem when the government can be implicated.

I love how you NEVER, NEVER hear about the criminal-minded who work at your local bank and who can access and sell your information any time they want....all they have to do is steal your social security number - from your place of employment or even your own house. Steal your bank statement, or whatever.

Oh, that's right, it's the FTC.

I heard this on Malloy tonight.

for having the worst people in the world get in line for the Peter Principle. :banghead:

Just today my husband receive a letter from the Texas Guarantted Student Loan Corporation (TG). They said that TG was contacted on Friday, May 26, 2006 by Hummingbird, LTD - A COMPANY THAT WAS CONTRACTED to keep their records management system. A Hummingbird employee LOST A PIECE OF EQUIPMENT containing names and SS# of certain borrowers. The company had indentified HIS information as likely to have been included on the lost equipment. They recommended WE take the fucking time out of our BUSY fucking schedules to contact all three credit bureaus and put a free 90 day security alert on his credit file. They advise it will take 6 to 8 weeks for this process to occur. The letter ends by saying they regret the inconvenience. I want to see more than some so called regret. I want to see serious financial penalities for Hummingbird for their lack of security and financial penalties for the Texas Guaranteed Student Loan Corp for contracting with these dumbasses.

This is become complete and total bullshit. There needs to be serious consequences to companies that are careless enough to not safeguard people's data. The fact that so much of this data is on portable laptops is unbelievable to me. There is absolutely NO reason that databases containing people's SS # and other highly sensitive information should be on employee's hard drives on portable machines. The database should only be located on a secure server to be dialed into with the laptop if it needs to be accessed.

I know that when I had a work laptop, I locked that machine in the trunk everytime I had it with me in the car because I was so afraid someone would steal it and I would look irresponsible to my company. I didn't even have any sensitive info on it... Additionally I shred every single piece of mail or document that contains personal information about me before throwing it away. I also never give my home phone number out to any business, and I rarely put it on any type of application or form.

It pisses me off so much that companies are so lax with OUR information. Will there ever be an end to this theft of information - if those responsible for LOSING it aren't subject to serious criminal and financial consequences??????

It's happening everyday and it should be happening to enough people that it should be the main story on every news channel every night - kinda like shark attacks, Lacy Peterson or the runaway bride... oh wait it's not kinda a news story like that because having my personal information stolen through NO carelessness of my own EFFECTS ME, and MY TIME, and MY FINANCES, and MY STRESS LEVELS---- unlike sharks, Lacy Peterson or the damn runaway bitch bride.

FUK THIS SHIT

That is the part I just don't get. The records should be on a main server. There's no reason for records to ever be on a laptop that I can figure.

I also agree with the person who said they need to make a rule that govt employees just can't take this stuff home. Well, unless they tele-commute, maybe that's it. But I still don't understand why all these records are on laptop hard drives.

from home...but the data would still reside on the servers.....still safer then having the data on the laptop or taking CD's home

I used to work in a college where we had personal and financial information on computers. We would NEVER store such information on a laptop.

Do you mean to tell me that our government is really storing this stuff on portable laptops? There is no reason for that. In all my years of working with financial records, I can't imagine why that information would need to be portable.

Something isn't right here. I can't imagine that the government would make mistakes that smaller institutions would not. I do believe it is illegal to do that. I mean...what is being said here? That government employees take your i.d. theft reports to the local Starbucks with them? Don't think so, David!

Moreover, these self-styled "information brokers" often resort to hacking and social engineering or stealing people's information from their computers in their homes BECAUSE it is easier than stealing it from the government. Which indicates that identity thieves have had trouble in the past with getting into government computers.

I can see this happening at the state level - I once received a phone call from a bogus unemployment official - but not at the federal level.

I'm getting tired of these bullshit stories that are really intended to undercut the federal government. Sure sounds like someone thinks they can pull off a fascist coup to me.

We must not have the whole story...at least I hope not! I worked for the Fed Govt for many years and they were very, very strict about any personal data leaving the building. We would be held personally and criminally liable, and even unintentional misuse required automatic termination. Our laptops were encoded seven ways to Sunday and you had to have a specific reason to check one out of the building. THEN you could only use it to log onto the LAN remotely!!! There was never any individual data kept on a laptop. And NO reason to EVER have a database of 2+ million individuals sitting around on a hard drive! If we needed a database for programming purposes, there were phony ones we could use.

I guess it's because we went to such lengths to protect names and SSNs that it drives me crazy that people now think "The Government" plays fast and loose with personal info.

I agree. But when I worked for the Fed we also had Prima Donna's who had to have a laptop. They would cry to the department head and eventually get their way. They could burn or download stuff to a laptop if they had access to it. Most of the time these folk could hardly run Power Point and had real difficulty figuring out how to 'log on' remotely. I absolutely hated having to deal with laptops.

Laptops should have CAIC card or thumb drive encryption devices to prevent unauthorized access, drive encryption too. Users should have a specific mission and be held accountable. Sadly, this is not always the case. I would not want to even guess how many unaccounted for laptops there are in the government at any given time.

The person responsible for the physical security of the computer should be required to have his/her name/address/phone #, SS#, credit cards numbers/medical records, etc etc etc included in a screensaver. I bet they'd be a lot more careful about hanging on to the laptops. Maybe if all the department heads had their personal information easily accessible on harddrives, they'd get their asses in gear and come up with better security from hackers too.

employee had their notebook stolen out of a car. About 3,000 names and SS numbers of former and current students were on it.

Just another coincidence?

http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2006/06/23/BAGQLJJ2LB1.DTL&hw=laptop+stolen&sn=002&sc=812

Some asshole tried to ID theft me last year by attempting to apply for some credit cards with my name and SS#.

sailors info...holy fucking shit! This is out of control.

It's awfully damned funny that we didn't have this type of activity all throughout the 90's...I think this is bullshit and that the bushit government is tapping into this info. Not sure what is going on but I am WAY suspicious.