Security threats Toolkit

HP employees' data compromised

Tags:
Stolen,
Theft,
Loss,
Laptop

Joris Evers CNET News

Published: 23 Mar 2006 09:25 GMT

A laptop with information on almost 200,000 current and former HP employees was stolen last week, putting them at risk of identity fraud.

The stolen computer belongs to Fidelity Investments, which provides services to HP, the technology giant said on Wednesday. The laptop was being used by several Fidelity employees in an off-site location, said Anne Crowley, a spokeswoman for Fidelity, which is based in Boston.

The portable PC contains information on 196,000 current and former HP employees, Crowley said. The data includes names, addresses, Social Security numbers, dates of birth and other employment-related information, but not the personal identification numbers required to log on to Fidelity services, she said.

The HP incident is the latest in a string of data security breaches. In the last 13 months, more than 53 million personal records have been exposed in dozens of incidents, according to information compiled by the Privacy Rights Clearinghouse. Last month, McAfee reported that an external auditor lost a CD with information on thousands of current and former employees.

Fidelity has reported the theft to law enforcement agencies and the matter is under investigation, Crowley said. "They told us that there have been several laptop thefts... and that their experience has been that these appear to be largely property-focused, rather than people seeking data or identity information," she said.

There is no evidence that the information has been misused, Crowley said. Furthermore, the information requires a special application, which expired a day or so after the laptop was stolen, she said. "The data would be difficult to interpret and generally difficult to read or use."

Identity theft continues to plague consumers, topping the list of fraud complaints reported to the Federal Trade Commission oin the US last year. Consumers filed more than 255,000 identity theft reports to the FTC in 2005, accounting for more than a third of all complaints, the agency said in January.

HP and Fidelity started notifying affected individuals this week, both companies said. Fidelity has stepped up security on HP accounts and offers those affected a no-cost credit-monitoring service for a year.

Fidelity claims to be the largest mutual fund company in the United States and one of the world's largest providers of financial services to about 21 million individuals, according to its Web site.