GE laptop theft exposes data on thousands

The Social Security numbers of 50,000 employees were on a notebook stolen from a hotel room, GE says.

The story "GE laptop theft exposes data on thousands" published September 27, 2006 at 9:50 AM is no longer available on CNET News.

Content from Reuters expires after 30 days.

[marileev]

Steal a Car? Laptops can get you more $$$

50,000 pieces of data with Social Security Numbers. It's like a broken record -- not just private companies, not just government agencies. Keep these machines on lockdown people.

Criminals can get more $ from stealing a laptop than taking a Mercedes to a chop shop <a class="jive-link-external" href="http://www.essentialsecurity.com/news.htm?id=41" target="_newWindow">http://www.essentialsecurity.com/news.htm?id=41</a>

[paulsecic]

Why arn't they

on a secure servers? Employees shouldn't be able to take them off site.

[Dennis Deveaux]

Once again I ask

Every time I read this article, I have to ask....

Why was such sensitive data on a laptop to begin with?

You'd think companies would start to realize that with the amount of laptop thefts, protecting data should be a top priority. That means no sensitive data on easily-stolen laptops -- or at the very least, use a very strong encryption on the data.

[marileev]

Changing Habits

Mr. Deveaux, you're right - why don't these habits change? If they're not going to change and companies are going to allow huge amounts of private data to be stored on laptops anti-theft tools need to be applied to the files.

If the habits won't change -- then apply technology to help ameliorate the trend <a class="jive-link-external" href="http://www.essentialsecurity.com/admin/App_upload/RemoteLaptopSecurity.pdf" target="_newWindow">http://www.essentialsecurity.com/admin/App_upload/RemoteLaptopSecurity.pdf</a>

[SayITLoud]

Free Credit Monitoring For A Year?

I am one of those unfortunate GE employees whose information was on that equipment. What a surprise to see that the free credit monitoring they are offering is provided by none other than GE Identity Theft Protection. So, now they want us to sign up for a service that will give them access to not only our name, address and social security number, but all of our credit account information in order to monitor it! If they couldn't keep my employee data secure how can they keep my customer data secure? Free or not I will seriously consider using another non GE source to monitor my credit. I also will carefully read the liabilty limits for any service I contemplate using. Any employee that lets hardware out of their site with personal information of this nature on it should be terminated!

[Jeremiah256]

MY SYMPATHY

As a active duty serviceman, I feel your pain. What I want to know is, why hasn't there been any legal action taken to put the fear of god in these companies?

Why isn't some ambulance chasing lawyer out there trying to make a name for themselves (and 50%) by sueing these companies for neglect, invasion of privacy or something? What am I missing?

[wbenton]

Stupid is as Stupid Does

In this day and age... after oodles of numerous similar reports of theft... they still allow this to happen.

My only reply to this can be: Stupid is as Stupid Does!!!

There is no other explanation.

Our security is only as strong as it's weakest link.

And at present, that happens to be laptops in the hands of nincompoops of an employee with a lax corporate security policy!!!

Walt

[aenve]

The full story

According to inside sources, more than a few company employees were told that the laptop was in the possesion of a junior auditor--who was traveling on a company assignment in Zimbabwe when the laptop was stolen. Nobody at the company is brave enough to ask Geoff Emmelt:
1.Why would a junior employee be allowed access to a database that contains confidential information, including social security numbers?
2. Why would this kind of data be allowed on a laptop that isn't handcuffed to the laptop's onwer.
3. Why would anyone at GE not take steps to make sure that this kind of information is prevented from leaving the country---and going to Africa, of all places?
4. This is the same company that hosts a leadership training center that is attended by dozens of executives from other companies throughout the country?
3.

[mbucci01]

Unbelievable

I was also a person who was contacted about my information being stolen. The appalling thing for me is that I left the company 12 years ago. I have a tremendous amount of difficulty understanding what the purpose was for having my information on this computer.

Then I get a request from Identity Track to give them all of my credit, ATM, retail and oil cards numbers. They have already lost extrememly damaging information and they expect more.