Speaking of unencrypted data, letters are being sent around to AT&T managers alerting them that someone managed to skulk off with an unencrypted company laptop in tow.
According to the letter, the laptop was stolen on May 15th from an employee’s vehicle. It had an unencrypted file containing names, Social Security numbers, and salary information for “a number of AT&T management employees.” No location was disclosed, as AT&T does “not want to potentially notify the thief of the nature of the data on the hard-drive.”
Although the data wasn’t encrypted, the laptop was password protected. Best case, the theft was just a smash-and-grab by someone who plans to dump the drive and resell it. There is no evidence yet that the information has been compromised – not that that relieves any stress for the victims. Unless the laptop is recovered, there’s no way to be sure that problems won’t spring up months or years from now.
Hopefully this serves as a wake up call to any companies out there not keeping a strict eye on these sorts of things (read: It won’t). It takes all of a few minutes per system to get FileVault or BitLocker or TrueCrypt up and running. How much time will be spent dealing with police reports and credit agencies over this?
Photo Credit: kowitz