BP employee loses laptop containing data on 13, 000 oil spill claimants

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.computerworld.com/s/article/9215316/BP_employee_loses_laptop_containing_data_on_13_000_oil_spill_claimants

By Jaikumar Vijayan
Computerworld
March 29, 2011

The personal information of 13,000 individuals who had filed compensation 
claims with BP after last year's disastrous oil spill may have been 
potentially compromised after a laptop containing the data was lost by a 
BP employee.

The information, which had been stored in an unencrypted fashion on the 
missing computer, included the names, Social Security numbers, addresses, 
phone numbers, and dates of birth of those who filed claims related to the 
Deepwater Horizon accident.

BP said in a statment that the personal information had been stored in a 
spreadsheet maintained by the company for the purposes of tracking claims 
arising from the accident. "The lost laptop was immediately reported to 
law enforcement authorities and BP security, but has not been located 
despite a thorough search," BP said on Tuesday.

The information was part of a claims process that was implemented before 
BP had established its Gulf Coast Claims Facility.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/