Stolen computers pose security risks

Thousands of people's information has been compromised in the past six weeks.
WASHINGTON POST
WASHINGTON -- It has become the police-blotter item of our age: A small-time burglar swipes a laptop and fences it for a quick $200 at a pawnshop.
But increasingly, these petty crimes are causing anxiety in executive suites across the country as one corporation after another alerts customers that laptops holding troves of sensitive records have been stolen.
Week after week, Americans who conscientiously shred every piece of mail and all credit card receipts learn that their personal information was stored in the laptop of a low-level employee who casually took it out of the office and that it has ended up in the hands of some penny-ante crook.
"We used to be worried about credit card receipts, and tearing those up. Now we have to worry about everybody's spreadsheets," said Scott Larson, a former FBI agent who used to track cyber criminals and is now managing director for Stroz Friedberg LLC, a consulting and technical services firm.
In the past six weeks, laptop thieves have found themselves holding thousands of credit card numbers from Hotels.com, birthdates from pensioners here who put their retirement funds in ING, addresses of nuclear power plant employees, account numbers of Mercantile Potomac Bank customers -- or even the Social Security numbers of people who work for Equifax, the credit reporting giant.
Millions affected
Untold millions of Americans are affected. Last month, the U.S. Department of Veterans Affairs reported that a stolen laptop and computer hard drive taken from an employee's house in Montgomery County, Md., contained personal information on 25.5 million veterans and military personnel.
Social Security numbers and the birthdates of 13,000 workers and retirees here were among the data contained on a laptop stolen last week from the D.C. house of an employee of ING U.S. Financial Services.
And Wednesday, Equifax reported that an employee's laptop was stolen on a London train, compromising the personal records of about 2,500 of the company's Atlanta-based employees.
The thefts are being reported in large part because many states have passed laws requiring that they disclose potential data breaches.
What is striking to many people is how widespread and haphazard the spread of personal information has become in companies and government.
"I don't want to be alarmist, but there are so many breaches being reported these days. We all just need to assume our personal information, especially our Social Security numbers, are at risk," said Beth Givens, director of the Privacy Rights Clearinghouse, a consumer advocacy group in San Diego.