:: Stolen laptops an open door to ID theft
Yet many firms are slow to publicly admit such losses of sensitive data
Here's something scary: Millions of personal files on consumers are stored on laptop computers routinely left in areas accessible to thieves.
Forget hackers who bypass sophisticated security systems. Identity thieves are simply walking off with laptops containing lots of juicy private and financial information.
Ask Linda J. of Lenexa, Kan. In May, she received a letter from a former employer stating cryptically: "We are contacting you about a potential problem involving possible identity theft."
The letter went on to say the stolen computers contained names, addresses and Social Security numbers on current and former employees.
Ironically, the company, Securitas Security Services USA Inc., is one of the world's biggest security firms. Once known as Pinkerton's — the detective agency that dogged Jesse James — the $6 billion company operates in 30 countries and has 200,000 employees.
But on the night of April 26, apparently without detection, thieves slipped out of the company's West Coast operations center with "a number" of laptop computers.
Linda J., who asked that her name not be used since her identity has already been compromised, worked for the company for three months as a crossing guard at a grade school. She said those three months are hardly worth the current hassle of calling credit bureaus, creditors and banks to ensure someone doesn't go on a spending bender using her good name.
"I'm the one that has to take all the responsibility," she said. "I have to put fraud alerts on all my credit reports. Basically, they are saying their responsibility ended when they sent me a letter."
Securitas set up a hotline for employees. A spokesman said that more than 100,000 current and former employees got letters and that the company was also contacting credit bureaus.
"The investigation is still ongoing," the spokesman said.
The theft of laptops loaded with personal information seems to be a thriving business.
The Privacy Rights Clearinghouse lists more than 11 laptop thefts since late April. The thefts affect hundreds of thousands of people. That doesn't even count thefts of discs, tapes and software files.
"My guess is there are far more incidents that exist than we have in our listing," said Beth Givens, director of the California-based identity theft watchdog.
The list counts only breaches reported in the media. And a lot of embarrassed companies don't go out of their way to make their goofs public.
Here's a sample of more information compromised by laptop thefts:
● Information on Caterpillar employees was stolen from a benefits consultant April 27.
● Patient information was stolen from Highland Hospital in Rochester, N.Y., on May 11 and was sold on eBay.
● Student financial aid information was stolen from Northwestern University on May 20.
● Student Social Security numbers were stolen from a Texas A&M professor on vacation June 18.
● Data on Texas First Bank customers disappeared when a car was stolen in Dallas on June 22.
What this suggests is that some businesses may be too cavalier with consumer data.
Most attention focuses on what consumers can do after they've been victimized. Not enough is focused on
businesses protecting consumers.
Federal identity theft laws vary depending on the industry.
"We don't have an overarching identity theft protection law," Givens said.
Linda J. called Securitas for more information. She said she was told not to fret too much because there was no evidence her personal data had been misused by thieves.
"They (businesses) always say that," Givens said. "It aggravates me. They have no way of knowing what kind of voyage that information embarked on."
In its letter to Linda J., Securitas said: "We regret that this unfortunate event occurred and we are in the process of enhancing our procedures and controls so that criminal events like this do not happen in the future."
This is the same company that says on its Web site: "At Securitas, our mission comes down to pretty much one thing: to protect you, our client."
