Employees of small Wisconsin village at risk after laptop theft
|
Date Reported:
7/8/10
Organization:
Village of Big Bend (WI)
Contractor/Consultant/Branch:
Undisclosed payroll provider
Location:
Victims:
Village employees
Number Affected:
Undisclosed
Types of Data:
"payroll information"
Breach Description:
"A laptop containing payroll information for the village's employees was stolen from the car of the village's payroll provider in Milwaukee last week, village clerk Bobbi Woppert said."
Reference URL:
Milwaukee Journal Sentinel
WTAQ.com
Report Credit:
Eric Randall, Journal Sentinel
Response:
From the online sources cited above:
A theft in Milwaukee is causing a headache for employees of the Village of Big Bend.
[Evan] The Village of Big Bend is small (pop. 1,278 in 2000 census), so we can assume that the number of employees affected is relatively small too. I suppose this is no consolation to those who are affected though, is it?
A laptop containing payroll information for the village's employees was stolen from the car of the village's payroll provider in Milwaukee last week, village clerk Bobbi Woppert said.
[Evan] I cannot think of one good, valid excuse for not adequately protecting sensitive information stored on mobile devices (laptops, PDAs, smart phones, flash drives, USB hard drives, etc.). Adequate protection would include strong encryption and sound key management. Read and learn.
Police have not recovered the laptop.
The provider reported the theft and sent letters to employees to inform them their personal information was not secure.
The provider recommended that employees contact a credit bureau that would place a 90-day alert on their information to prevent identity theft.
[Evan] Can we think of any recommendations that the employees should have for the provider?!
Members of the village finance committee will meet next Thursday to discuss the theft.
Woppert said she did not know whether they would consider moving to another payroll provider.
Woppert did not know the name of the payroll company.
Commentary:
There are many cost-effective encryption solutions on the market nowadays, and the risks of storing sensitive information on mobile devices is very well known. Companies, organizations, and/or people who store sensitive information without encryption are playing with fire. If you like playing with fire, then I guess you're OK without encryption.
We have very few details about this breach. If you’re interested, I am guessing that you may find meeting minutes posted to the Village's web site at a later date.
Past Breaches:
Unknown
Posts Atom 1.0
Comments