[ISN] Stolen DOT computers lead to laptop theft ring

From: InfoSec News (alerts@private)
Date: Wed Nov 22 2006 - 23:21:33 PST


http://www.fcw.com/article96913-11-22-06-Web

By Aliya Sternstein
Nov. 22, 2006

An investigation into two recent laptop computer thefts from the 
Transportation Departments Office of Inspector General has helped 
uncover a ring of laptop thieves, according to the latest status report 
on the incidents.

On July 27, someone stole an OIG special agents laptop from a locked car 
near Miami. The laptop contained personally identifiable information 
about 133,000 Florida residents. Following that episode, officials 
reviewed an April theft of an OIG laptop that occurred in Orlando, Fla. 
That laptop belonged to the special agent-in-charge of the Miami OIG 
office.

It took several weeks for computer crime forensics experts to check the 
Orlando laptops backup files for sensitive personally identifiable 
information (SPII), OIG spokesman Clayton Boyce said today.

They found about 9,000 individuals [who] were also on the Miami-area 
laptop and about 900 who were not on the Miami-area laptop, he said.

Nearly all the individuals had been entered into the Orlando computer as 
part of a criminal investigation into fraudulent licensing, Boyce said. 
The individuals were not suspects. Rather, they had picked up their 
commercial driver's licenses, airman certificates and security 
clearances from facilities where incidents of fraud had been reported. 
The laptop also contained a small number of employee records, such as 
leave approvals and employee evaluations.

Although both laptops were protected with passwords, the contents 
including names, Social Security numbers and addresses may or may not 
have been encrypted, Boyce said. The data on the Miami laptop was 
definitely not encrypted, according to OIG officials. But it is unclear 
whether the contents of the Orlando laptop were encrypted.

"This still has not been determined with absolute certainty. It was to 
the best of our knowledge not encrypted when the laptop was stolen, 
Boyce said. The SPII data had been encrypted previously, but the 
encryption software had been disabled to allow migration of a server and 
updating of software.

He added that OIG officials do not know for sure whether it was 
unencrypted at the time of the theft because the scripts controlling the 
encryption process were not visible to the computers owner the special 
agent-in-charge.

Officials are confident that the laptops were not targeted for identity 
theft, according to a Nov. 21 status report on the investigation. No 
credit fraud has resulted from the theft of either computer, the report 
states.

Based on our investigation to date, we believe that the risk of credit 
fraud in the future is very low. The investigation is nearly complete 
and we expect to issue a report by the end of the year, according to the 
status report.

The laptop investigation which was undertaken by OIG special agents, 
with assistance from the FBI and Miami-Dade County Police Department led 
to the arrest of an individual suspected of stealing the Miami-area 
laptop, according to the report. During surveillance at the same 
restaurant where the laptop had been stolen, the suspect stole a decoy 
computer using the same technique that was used in the original theft. 
He used a device to punch the lock in the passenger-side door.

The suspect acknowledged stealing many laptops but did not acknowledge 
taking the laptop on July 27. This individual was indicted on a federal 
charge of theft of government property for stealing the decoy laptop.

Interviews with the individual and others involved uncovered a small 
theft ring in which its members stole laptops at the restaurant and in 
the nearby vicinity. The ring members would load the stolen laptops with 
new operating systems and then sell them on the used computer market, 
primarily to high school students, the OIG status report states.

As of Nov. 13, OIG and an identity risk management contractor found no 
indications that any of the affected individuals personally identifiable 
information had been misused.

A hot line established to address citizens concerns has received more 
than 1,600 phone calls, e-mail messages and letters, as of Nov. 13. 
Nearly 50 of those communications produced possible leads in the 
criminal investigation, the status report states.

Interviews with the suspects confirmed that the ring did not attempt to 
access the original data on the laptops, the report adds.


_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 



This archive was generated by hypermail 2.1.3 : Wed Nov 22 2006 - 23:34:11 PST