ACCOMACK: County laptop stolen on employee's trip to Vegas; residents' SSNs compromised

[Christine Fulgham <christine () opensecurityfoundation org>]

http://www.delmarvanow.com/article/20101014/NEWS01/101014035/1002/ACCOMACK--County-laptop-stolen-on-employee-s-trip-to-Vegas--residents--SSNs-compromised

ACCOMAC — An Accomack employee had a county-owned laptop computer stolen
while on a personal vacation to Las Vegas, and with it the names and Social
Security numbers of roughly 35,000 county residents.

In some cases, actual addresses of county residents also may have been
included in computer files.

“It was taken there without permission,” said County Administrator Steve
Miner of the computer.

Miner said the worker remains employed. The matter was discussed during a
closed meeting of the Board of Supervisors on Wednesday.

“We really haven’t resolved the personnel side of this,” he said.

The incident happened on the evening of Oct. 7. The county waited seven days
before issuing a prepared release to media warning citizens of it.

He said letters will be sent to affected residents “very soon.”

Miner said the county began determining what was on the computer immediately
after its theft.

“We have since been trying to work on the problem,” he said. “That was not
something we knew, in terms of files. That took some forensic work. Then we
had to figure out what it meant.”

Neither Miner nor the release named the employee who had the computer
stolen.

[...]

_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/