Personal information relating to thousands of workers at Boeing, the multinational aeroplane maker, has been lost after a laptop was stolen.
The laptop was stolen in the US from the car of a Boeing employee during the first week of December, and contained personal data on 382,000 current and former employees. The theft is the third time in little over a year that Boeing's employee data has been stolen.
Officials declined to say exactly when or where the theft occurred, according to eWeek, but said social security numbers, home addresses and telephone numbers were involved.
The employee has since been fired and the company has admitted that the laptop should not have been removed from its offices.
The incident is the latest of a string of thefts which have involved personal employee data. In November 2005, data on 161,000 Boeing employees and retirees was stolen on a laptop. Just five months later, information on another 3,600 Boeing workers was stolen from another mobile device.
Some of the highest profile organisations in the UK have also been affected. Last month, three laptops storing payroll details covering half of the staff of the Metropolitan Police were stolen from Logica CMG. And just days earlier, Nationwide Building Society fell victim to the theft of a laptop containing customer information.
Nationwide has refused to reveal the nature of the stolen information, and claimed that its customers would not suffer financial loss.
The US Department of Justice and the University of California have also fallen victim to loss of sensitive information through laptop thefts, according to the Privacy Rights Clearinghouse, which has compiled a list of major data security breaches.
The average breach costs victim companies $182 (£93) per compromised record, according to work from the Ponemon Institute.
Talkback
I can undersand this occurring once as mistakes do happen, but three times for the same company! In these times of worry over identity theft and international terrorism I feel that this is not just an unfortunate error but a complete failure of the business process to follow common curtesy in keeping personal data secure. I thank my lucky stars that I do not have any link to Boeing.
Surely it's time to stop putting this type of data on laptops.
If the laptop wasnt meant to be taken out of the building simply use a desktop instead. It may not be as convenient for that employee, but it is far better for the rest.
I agree entirely - if the machine wasn't intended to be taken out of the office, it should have been a bolted-down desktop, with no writeable external devices, at least.
But I'd go further - if this data is confidential - which it demonstrably is - then why is it on a user machine anyway? It should be on a secure server, fully encrypted to maiximum AES depth and access controlled.