Laptop of VeriSign employee stolen
PC contained personal information on current and former workers
Computerworld - A laptop containing the personal information of VeriSign Inc.'s current and former employees was stolen from an employee's car last month, the company confirmed today.
In a an e-mailed statement, VeriSign, a digital infrastructure vendor that manages Internet domain names such as .com and also provides security services, said it was taking the recent laptop theft "very seriously" and that the company initiated an investigation as soon as the theft was discovered.
"We have no reason to believe that the thief or thieves acted with the intent to extract and use this information," according to the Mountain View, Calif.-based company's statement. "The local police have said the theft may be tied to a series of neighborhood burglaries. We disabled any access by the employee's computer to the VeriSign network."
The statement also said the employee involved "has since left VeriSign."
In the statement, VeriSign said it was committed to ensuring that current and former employees whose personal information may have been on the stolen laptop had the support they needed to monitor their credit and knew how to respond if they identified any problems.
"The company has a policy on how to manage laptops that contain sensitive information and company data -- which in this case was not followed," according to the e-mail. "That policy includes not leaving laptops in vehicles in plain view, keeping the amount of confidential and sensitive data stored on laptops to a minimum, and using data encryption tools to protect those sets of data that absolutely must be stored on a laptop. Going forward, we will continue to review our security procedures to prevent future human errors of this type."
The information about the theft was posted on the Wizbang blog.
Wizbang said it received several copies of a letter VeriSign sent to its employees detailing the theft. The letters came from several current and former VeriSign employees, the blog said.
According to the first page of the five-page letter, which Wizbang posted on its site, VeriSign said it wanted to alert its employees that a laptop that might have contained their personal information was stolen from the vehicle of a VeriSign employee while it was parked in the employee's garage in Northern California. The theft occurred sometime between the evening of July 12 and the morning of July 13, according to the letter.
VeriSign spokeswoman Lisa Malloy confirmed that the posted letter was the same one the company sent to employees.
According to the letter, the laptop may have contained employees' personal data, including their names, Social Security numbers, dates of birth, salary information, telephone numbers and home addresses. It did not include credit card numbers, bank account numbers or password information, nor did it contain information about VeriSign's customers, the letter said.
However, in the letter to employees, VeriSign said that although the information was not encrypted, the computer was fully shut down and a username and a password were necessary to log onto it.
"To our knowledge, the thieves do not have the password," the letter said.
VeriSign also offered the affected employees a free one-year subscription to a credit monitoring service. The company also recommended that the employees place a "fraud alert" on their credit files.
Read more about Networking in Computerworld's Networking Topic Center.
- Securing Mobility, From Device to Network At one time, the process of managing and securing mobile devices and applications was fairly straightforward. Most organizations worried about one application (email)...
- Need to Replace MS Threat Management Gateway? Read this article to learn how F5's Secure Web Gateway solution provides a full set of features that can help you successfully migrate...
- The Shortfall of Network Load Balancing Applications running across networks encounter a wide range of performance, security, and availability challenges as IT department strive to deliver fast, secure access...
- Leave No App Behind with Software Defined Application Services F5 Software Defined Application Services (SDAS) is the next-generation model for delivering application services that enables service injection, consumption, automation, and orchestration across...
- Live Webcast IBM FlashSystem V840: Leveraging Software-Defined Flash to Drive Your Business With end-to-end, tightly integrated functionality and super-fast flash technology, products like IBM FlashSystem V840 Enterprise Performance Solution empower businesses to leverage the efficiency...
- DevOps with PureApplication System: Reduce cost and speed delivery with an integrated IBM Cloud solution Join this webcast to hear what ING Netherlands has been able to achieve while deploying DevOps tools from IBM Rational. An ING executive...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different.... All Networking White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!