The entities involved include national companies, universities, health centers, banks and government organizations.

"The (type of theft) that seems to be very much on the increase is the stolen laptop," Paul Stephens, a policy analyst with the Privacy Rights Organization, told United Press International, although he noted that laptops may be targeted for their value rather than for the data they contain.

Four cases of data theft, three of which involve pilfered laptops, have been widely publicized in the past few weeks, heightening concerns over the protection of personal information.

Equifax Inc., ING U.S. Financial Services, the National Nuclear Security Administration and the Department of Veterans Affairs have had sensitive information on individuals purloined.

One of the three major U.S. credit reporting bureaus, Equifax Inc., reported Tuesday that an employee's laptop was stolen in May while traveling on a train near London. Nearly all of the company's 2,500 employees could be affected.

ING, which administers the District of Columbia's retirement plan, notified the city on Friday that a laptop was stolen from an employee's home that contained information on 13,000 District workers and retirees.

The National Nuclear Security Administration informed the Energy Department Secretary two weeks ago that a hacker had accessed information on 1,500 people.

And in May the government made public the news that a laptop and external hard drive with sensitive information on 26.5 million veterans and military personnel had been stolen from the home of a Department of Veterans Affairs employee.

One of the factors arousing concern about these cases is that in each of them there was a significant time lapse before the theft was reported. ING waited five days to inform city officials, Equifax and the Veterans Affairs department announced the thefts after three weeks and the National Nuclear Security Administration delayed notification of superiors for nine months.

"Just knowing about it doesn't solve all the problems in the world, but it can avert problems in the near-term," Andrew W. Klugness, an expert in e-commerce law and attorney with the international law firm Bryan Cave LLP, told United Press International.

Twenty-three states have passed laws that require individuals to be notified of security breaches, and legislation circulating in Congress mandates the same policy at the federal level. Credit card companies maintain their own standards and some industries regulate protection for certain types of data.

While data thieves can use information like social security numbers years down the road, Klugness said, victims can be proactive when they are notified earlier.

The stolen information in all four cases includes social security numbers.

"Having someone's social security number and name in this day and age will get you pretty far," Klugness said. For instance, data thieves can easily access addresses through the Internet and use the information to open a credit or bank account.

The best step victims can take is to be informed, Klugness said, recommending the Web sites privacyrights.org and firstgov.gov/veteransinfo as reputable sources of information. Those who are worried can also order credit reports, he said, and should inform their credit companies and banks that they are at risk.

Employees have been saving and removing information from the workplace "for years and it was never a problem and many times they need to do things like this to get their work done," Shon Harris, a security consultant and president of Logical Security, told UPI.

Organizations need to give employees privileged access to information for their tasks, she said, but there are technologies that can help prevent data theft by prohibiting the copying of information to CD, DVD or jump drives, and programs that identify the site of sensitive data in a system, since most companies do not know where that information is located.

"I think the government, first things last, needs to adopt policies that are designed to realistically protect consumer info," Klugness said.

And Stephens suggested that employers ensure any data removed from the workplace is encrypted so that it will not be accessible to thieves.

"Security and complexity do not mix," said Harris. "Computer crime will reduce as we get our laws, technologies, processes, and awareness more in step to where we need to be, but it will never go away."

Community
Email This Article
Comment On This Article

Related Links
- The Long War - Doctrine and Application

Memory Foam Mattress Review

SPACE MEDIA NETWORK PROMOTIONS Solar Energy Solutions Tempur-Pedic Mattress Comparison ... Newsletters :: SpaceDaily :: SpaceWar :: TerraDaily :: Energy Daily XML Feeds :: Space News :: Earth News :: War News :: Solar Energy News