December 14, 2006 10:00 AM PST
Stolen Boeing laptop held ID data on 382,000
- Related Stories
Notebook theft leaks London police payroll dataNovember 22, 2006
Theft of laptop puts thousands of identities at riskAugust 11, 2006
VA laptop breach victims to get free ID monitoringAugust 10, 2006
It is third such incident at the aircraft giant in the past 13 months. The laptop contained names, home addresses, phone numbers, Social Security numbers and dates of birth for current and former Boeing employees, company spokesman Tim Neale said. The theft potentially puts the individuals at risk for identity theft.
Despite the large number of people affected by the theft, Neale said Boeing has received no reports of the sensitive information being compromised.
"We have no evidence that Boeing was targeted by an individual or a group, so maybe the laptop was stolen just for the value of the laptop," Neale said.
He added that the notebook was turned off at the time it was stolen and requires a password to access the data.
Boeing, meanwhile, is still in the process of notifying those individuals whose information was on the laptop. It is providing them with up to three years of free credit monitoring.
Since fall of last year, Boeing has suffered the theft of two other laptops containing sensitive information about current or former workers. In April, a notebook containing information about 3,600 individuals was stolen, and in November 2005, a similar incident involved a breach of data on 161,000 people.
"Even before the first incident, the company had security procedures and policies that called for them to work off of the server behind the firewall. But after the November theft, we asked for everyone to review our policy and remove information off their hard drives and work off the server. We even had managers go around to double check that that had happened," Neale said.
He added he has not yet heard why the employee in this latest incident downloaded information off of the server.
After the April incident, Boeing decided to start a project that would automatically encrypt files as they are pulled off the server, Neale said. The first groups to test this technology will be those working with employee data. However, the encryption procedures will be eventually implemented in other areas of the company that deal with sensitive data, he added.
The company also is working on ways to eliminate the use of Social Security numbers, as much as possible, as an identifier for Boeing employees, he said.