Firm reports stolen laptop

Fidelity Investments confirmed that a laptop computer containing confidential information on more than 196,000 current and former employees at Hewlett-Packard Co. was stolen last month from the financial company.

The computer theft may have exposed employees’ names, social security numbers and compensation details.

Though there is no evidence yet that the stolen information has been misused in any manner, the Boston-based financial services firm has begun sending out letters informing affected HP workers about the incident and recommending follow-up action, a spokeswoman said via e-mail.

The laptop, which contained personal data of participants in an HP-sponsored retirement plan, was stolen from employees who had brought it to an off-site meeting, according to the spokeswoman. “It is not our practice to have that level of data on a laptop,” she said. “We limit significantly the use of such confidential data outside of Fidelity to only those instances where the information is appropriate or required.”

The spokeswoman said the laptop application with the personal data was running on a temporary license that has since expired. As a result, the application should be locked and the data should be scrambled, she said.

“At this time, we are unaware of any misuse of the information contained in the software on the laptop,” she said, adding that Fidelity has been monitoring activity in the affected HP accounts. “We have taken steps to implement extra security processes requiring additional authentication for access to those HP accounts, as well as other measures to prevent unauthorized use,” she said without elaborating.

Following the theft, Fidelity contacted the three principal credit reporting bureaus to advise them of the situation, and it has arranged for affected HP employees to enroll in a free credit monitoring service.

The compromise highlights the dangers of storing confidential data on mobile devices without adequate security controls, said Robert Egner, vice-president at security vendor Pointsec Mobile Technologies Inc. in Mokena, Illinois.

Such systems need additional controls to protect against accidental data exposure when mobile devices are lost or stolen, he said.

Quick Link 064778

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now