Identity Theft: Stolen Laptop Response Congress and state legislatures must notify Ernst & Young, Veteran Affairs, and other companies and agencies that process our personal data promptly and promptly.
In the past few days, major news networks and countless online news sources have reported two more cases of laptops containing the personal data of millions of people that have been lost or stolen. The first theft involved a laptop that was stolen from a Veterans Affairs employee. The missing data in this case includes social security numbers.
The second incident involved a asus 2-in-1 q535 laptop stolen from an employee of Ernst & Young. The laptop contained personal data from approximately 243,000 Hotels.Com customers who booked rooms between 2002 and 2004. In a way, this second incident is even more serious because losing a laptop is a common occurrence for the company.
According to British tech news site The Register, password protection was the only security available on some laptops that Ernst & Young had lost in an earlier incident, and which any computer-hungry user would know could easily be hacked. What about the laptops that Ernst & Young employees recently lost? Was the data encrypted on these enware 17in laptop? Are there any company policies that limit the amount of personal data that can be left in an office where network security standards and firewall protection are in place? Is there a company rule that prohibits employees from leaving laptops unattended (even though you'd think common sense would suffice)? Better yet, are there regulations that prohibit the transfer of personal data to employee laptops? I have no hope. If any of these actions are taken, Ernst & Young's public relations staff will put it in the media to reassure clients and the public in an effort to protect the company from the company.
Ernst & Young and the VA aren't the only companies that have lost laptops
containing personal data, and most of these companies have developed a specific response straight from their corporate operating manuals. Ernst & Young has agreed to offer Hotel.Com customers free credit monitoring for one year. This is no compensation for those who would potentially have to spend years trying to erase bad credit. Anyone who has been in a vulnerable position to prove they don't owe a debt they don't owe will tell you. If Ernst & Young creates a task force to help consumers deal with identity theft, perhaps that could be considered compensation. If they offer to pay legal fees for someone with bad credit, or pay a state fine to prosecute identity thieves, that can be considered compensation. If they comply and implement software to encrypt and protect data, and in particular prevent personal data from being downloaded onto laptops, it will be considered the best course of action.
https://techfinlay.com/
Audit firm employees don't seem to care what happens to your personal data. The Register reported that in one case, employees left laptops unattended in a conference room while going to lunch. You can only see how this can happen. They are in Miami for another convention. The convention is held in a city center hotel where they have been several times. They are familiar with the hotel and the area, so they actually feel a false sense of security. Someone has been talking for hours about converting more sales, some return on investment, or their company's new data recovery center that will help customers feel "safe." Anyway, the speaker pauses to catch his breath and everyone realizes it's time to take a lunch break. They're back in the room, so why lug around heavy clevo pa71 laptop? Don't they return to the hall for the second half of the convention? Do they also ask if the meeting room will be closed during lunch? Not at all they are business laptops. What laptops are missing for a big company like Ernst & Young.
0
Sign in to leave a comment.