Hewlett-Packard Director Lost Laptop, 1425 Affected
Technorati Tag: Security Breach
Date Reported:
8/16/07
Organization:
Hewlett-Packard Company
Contractor/Consultant:
None
Number Affected:
1,425
Types of Data:
Name, address, Social Security number, date of birth, citizenship, and compensation information.
Breach Description:
"A laptop belonging to an HP director was lost during a business trip to Atlanta in late July." To make matters worse, the victims were all Mercury Interactive employees which was acquired by HP in November, 2006.
Reference URL:
http://doj.nh.gov/consumer/pdf/hp.pdf
Report Credit:
New Hampshire Department of Justice
Commentary:
There are two things that I am having trouble understanding. One, why in the world would an HP director have a need for this information on their laptop? Two, why in the world wasn't the confidential data on this laptop encrypted?
A respectable company like Hewlett-Packard should know better. I certainly hope that this is not business as usual. I would assume that this incident was a blatant violation of HP policy.
Response:
"The laptop was secured by a user name/password combination"
[Comfyllama] Big deal! A user name and password are easily circumvented or compromised by even the most novice of computer users. It takes no skill.
Hewlett-Packard is offering victims one year of credit monitoring service.
Past Breaches:
None since August 2007
Date Reported:
8/16/07
Organization:
Hewlett-Packard Company
Contractor/Consultant:
None
Number Affected:
1,425
Types of Data:
Name, address, Social Security number, date of birth, citizenship, and compensation information.
Breach Description:
"A laptop belonging to an HP director was lost during a business trip to Atlanta in late July." To make matters worse, the victims were all Mercury Interactive employees which was acquired by HP in November, 2006.
Reference URL:
http://doj.nh.gov/consumer/pdf/hp.pdf
Report Credit:
New Hampshire Department of Justice
Commentary:
There are two things that I am having trouble understanding. One, why in the world would an HP director have a need for this information on their laptop? Two, why in the world wasn't the confidential data on this laptop encrypted?
A respectable company like Hewlett-Packard should know better. I certainly hope that this is not business as usual. I would assume that this incident was a blatant violation of HP policy.
Response:
"The laptop was secured by a user name/password combination"
[Comfyllama] Big deal! A user name and password are easily circumvented or compromised by even the most novice of computer users. It takes no skill.
Hewlett-Packard is offering victims one year of credit monitoring service.
Past Breaches:
None since August 2007
Comments