Security News > 2006 > June > FTC attorney's laptops stolen
http://www.presstelegram.com/business/ci_3969575 By Hope Yen Associated Press 06/22/2006 WASHINGTON -- The government agency charged with fighting identity theft said Thursday it had lost two government laptops containing sensitive personal data, the latest in a series of breaches encompassing millions of people. The Federal Trade Commission said it would provide free credit monitoring for 110 people targeted for investigation whose names, addresses, Social Security numbers and in some instances, financial account numbers were taken from an FTC attorney's locked car. The car theft occurred about 10 days ago. Many of the people whose data were compromised were being investigated for possible fraud and identity theft, said Joel Winston, associate director of the FTC's Division of Privacy and Identity Theft Protection. The disclosure comes amid a widening data breach that is expected to cost the government hundreds of millions of dollars. In all, five government agencies have reported data theft, including the Veterans Affairs Department, which on May 22 acknowledged losing data on up to 26.5 million veterans. Among them: At the Agriculture Department, a hacker who broke into the computer system, obtaining names, Social Security numbers and photos of 26,000 Washington-area employees and contractors. At Health and Human Services, personal information for nearly 17,000 Medicare beneficiaries may have been compromised in April when an insurance company employee called up the data through a hotel computer and failed to delete the file. At Energy, Social Security numbers and other data for nearly 1,500 people working for the National Nuclear Security Administration may have been compromised when a hacker gained entry to its computer system last fall. On Thursday, a House panel was cautioned that credit monitoring alone may not be enough to protect Americans whose names, birth dates and Social Security numbers were compromised at the hands of the government. During the House hearing Thursday, Mike Cook, a co-founder of a company specializing in data breaches, said identity-theft victims typically don't become aware they've been hurt until six months after their data was stolen, when creditors come calling for money owed. At that point, it's likely the thieves will have moved on having made just a few purchases so they don't attract notice and started using another victim's information. As a result, a credit monitoring service would raise a red flag after it was too late, Cook said. He said data analysis technology was available to help identity theft as it occurs, particularly in the typical cases in which thieves use stolen identities to fraudulently obtain credit cards and then make purchases. Associated Press writer Libby Quaid contributed to this report. _________________________________ Attend the Black Hat Briefings and Training, Las Vegas July 29 - August 3 2,500+ international security experts from 40 nations, 10 tracks, no vendor pitches. www.blackhat.com