Another stolen State of Pennsylvania laptop
Technorati Tag: Security Breach
Date Reported:
9/22/07
Organization:
State of Pennsylvania
Contractor/Consultant:
Department of the Auditor General
Victims:
West Mifflin Area School District teachers and bus drivers
Number Affected:
Unknown*
*"Currently, there are approximately 3,200 students enrolled and and 216 teachers in the West Mifflin Area School District." according to the school district web site.
Types of Data:
Name, Social Security number and driver's license number
Breach Description:
A laptop containing sensitive personal information about West Mifflin School District teachers and bus drivers was stolen from the car of an auditor with the State of Pennsylvania Department of the Auditor General in August.
Reference URL:
Pittsburgh Tribune-Review Story
Report Credit:
The Pittsburgh Tribune-Review
Response:
From the online resource referenced above:
"The West Mifflin Area School District has advised teachers and bus drivers that a laptop computer containing their names, Social Security numbers and driver-license numbers was stolen from the car of an auditor with the state Auditor General's office."
"Robyn Tedesco, spokeswoman for the district, said the agency's notification says the computer was stolen in August but that its contents are protected by a password."
[Comfyllama] When will people get it? Password protection of a laptop is NOT adequate without additional control such as encryption.
The agency's letter said the laptop also had information on Steel Valley School District employees. Spokesmen for the state agency declined to comment on what steps the office is taking to prevent future thefts.
[Comfyllama] I did not include the Steel Valley School District personnel as victims yet because details are still too limited. Although the state agency has no comment on what steps they will take to prevent this type of breach in the future, they certainly should! I would want to know.
Commentary:
This is at least the 12th stolen computer story reported this month that included sensitive, unencrypted data and the 2nd one involving the State of Pennsylvania. On September 11th, Pennsylvania Department of Public Welfare computers were stolen that contained sensitive information affecting 375,000 citizens.
I am beginning to think that storing confidential information on desktop and laptop computers without encryption is a common practice at the state. This is two "no-no's" Shame shame.
Past Breaches:
September, 2007 - Stolen Pennsylvania Department of Public Welfare computers affect 375,000
Date Reported:
9/22/07Organization:
State of Pennsylvania
Contractor/Consultant:
Department of the Auditor General
Victims:
West Mifflin Area School District teachers and bus drivers
Number Affected:
Unknown*
*"Currently, there are approximately 3,200 students enrolled and and 216 teachers in the West Mifflin Area School District." according to the school district web site.
Types of Data:
Name, Social Security number and driver's license number
Breach Description:
A laptop containing sensitive personal information about West Mifflin School District teachers and bus drivers was stolen from the car of an auditor with the State of Pennsylvania Department of the Auditor General in August.
Reference URL:
Pittsburgh Tribune-Review Story
Report Credit:
The Pittsburgh Tribune-Review
Response:
From the online resource referenced above:
"The West Mifflin Area School District has advised teachers and bus drivers that a laptop computer containing their names, Social Security numbers and driver-license numbers was stolen from the car of an auditor with the state Auditor General's office."
"Robyn Tedesco, spokeswoman for the district, said the agency's notification says the computer was stolen in August but that its contents are protected by a password."
[Comfyllama] When will people get it? Password protection of a laptop is NOT adequate without additional control such as encryption.
The agency's letter said the laptop also had information on Steel Valley School District employees. Spokesmen for the state agency declined to comment on what steps the office is taking to prevent future thefts.
[Comfyllama] I did not include the Steel Valley School District personnel as victims yet because details are still too limited. Although the state agency has no comment on what steps they will take to prevent this type of breach in the future, they certainly should! I would want to know.
Commentary:
This is at least the 12th stolen computer story reported this month that included sensitive, unencrypted data and the 2nd one involving the State of Pennsylvania. On September 11th, Pennsylvania Department of Public Welfare computers were stolen that contained sensitive information affecting 375,000 citizens.
I am beginning to think that storing confidential information on desktop and laptop computers without encryption is a common practice at the state. This is two "no-no's" Shame shame.
Past Breaches:
September, 2007 - Stolen Pennsylvania Department of Public Welfare computers affect 375,000
Posts Atom 1.0
Comments