Theft of Fidelity Laptop puts 196,000 HP Employees at Risk

Laptop with private info of thousands of HP workers stolen From the San Francisco Chronicle: “A laptop with the personal information of about 196,0000 Hewlett-Packard current and former employees has been stolen from mutual fund company Fidelity Investments, which manages the tech giant’s pension and retirement plans.

The theft, which happened last week, prompted HP and Fidelity to alert the affected employees about the security breach. “HP is working closely with Fidelity to minimize the impact of this information breach,” said HP Spokeswoman Brigida Bergkamp. “

Answer me this. Why would any company ever allow 196,000 records to be put on a company laptop for any reason whatsoever?

Since I’ve been computing I have had three laptops stolen. One was stolen from a bedroom when I loaned it to a friend. One was taken from a hotel room when I was on vacation and one was literally taken from my office when someone walked into the office building off the street and took it from the desk. Just a few months ago a good friend of mine had his laptop stolen when his car window was smashed and it was taken. I’ve, coincidently *never* had a desktop computer stolen.

Still, I do not keep, nor would I ever keep, sensitive personal information on a laptop’s hard drive. There is no reason possible to justify this. Any sensitive personal information can be accessed via secure connections through web based servers these days.

This is not the first high profile laptop theft that we’ve heard of compromising your personal information. This is just terrible and the government should do more to make these companies pay when they do something as idiotic as put all of your personal information on some employee’s laptop. 196,000 names!

“Crowley said Fidelity does not typically carry around sensitive information in laptops. But she noted company representatives sometimes store information in laptops in important meetings with clients.” Why? Why would they ever need this information on a laptop for an “important meeting with clients?” Is Fidelity so backwards that they can’t figure out how to demo their technology by going through secure web connections. I’m glad Fidelity doesn’t manage my retirement plan and if they did I’d hope they’d be fired for “sometimes storing information in laptops for important meetings with clients.”

Since when are their “important meetings” more important than 196,000 people’s personal financial data?

Be Sociable, Share!
Loading Facebook Comments ...

3 Comments

  1. Mike Smith says:

    Thomas,

    For your own laptop – try out TrueCrypt (http://www.truecrypt.org/). Amazingly powerful and easy encryption – perfect for your laptop.

  2. Anonymous says:

    Furthermore, Fidelity should have an encryption standard such as PointSec on any laptops where any remotely sensitive information resides. This is the direction that most industries with sensitive data have gone. My company is even running PointSec on all desktop computers.

  3. Anonymous says:

    I would like to know the title/function of the individual who had this data on the laptop: were they authorized to have such detailed level data, and what was the agenda of the client meeting that required it (if at all). I have already moved my account from Fidelity, and perhaps the others affected will do like wise.