[ISN] Laptop Stolen With Personal Data On 300, 000 Health Insurance Clients

From: InfoSec News (alerts@private)
Date: Thu Jan 31 2008 - 01:03:38 PST


http://www.informationweek.com/news/showArticle.jhtml?articleID=206100526

By Marianne Kolbasuk McGee
InformationWeek
January 30, 2008 

Horizon Blue Cross Blue Shield of New Jersey has notified its members 
that an employee laptop computer containing personal information -- 
including Social Security numbers -- for about 300,000 individuals was 
stolen in early January.

The health care insurer has sent letters to thousands of its members 
alerting them about the theft, which occurred in Newark, N.J. on Jan. 5. 
On its Web site, the company says a "security feature was initiated" on 
Jan. 28 that "destroys all the data on the stolen computer."

Horizon Blue Cross Blue Shield of New Jersey says the personal 
information contained on the computer also included names and addresses 
of members, but no medical data.

The company says it "believes" it is "highly unlikely" that any personal 
data stored on the stolen computer has been accessed and that the 
computer was "password protected."

Nonetheless, the insurer is offering affected members free credit 
monitoring for one year.

Horizon Blue Cross Blue Shield of New Jersey is the latest company to 
report a security breach related to a stolen laptop.

Back in October, Gap disclosed the theft of a laptop computer containing 
personal information on about 800,000 people who applied for jobs with 
the retailer. That computer was stolen from a third-party contractor 
that manages information on job applicants.

Among the biggest breaches involving a stolen laptop occurred in May 
2006, when a Department of Veterans Affairs computer containing personal 
records on more than 26.5 million current and former members of the U.S. 
military was stolen. That hardware was later recovered but led to a 
major overhaul in VA security procedures and rules for data use and 
storage.

In another data security breach this week, financial services firm 
Davidson Companies revealed that a hacker broke into its databases, 
stealing personal account information, including names and Social 
Security numbers, on more than 226,000 clients.

Calls to Horizon Blue Cross Blue Shield of New Jersey were not 
immediately returned.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Thu Jan 31 2008 - 01:15:23 PST